It’s the second week of the month, and that can only mean one thing: expect a lot of security updates to hit your operating systems and applications. Not being one to disappoint, Google has just confirmed a total of 12 new security issues impacting Google Chrome and issued a security update taking the web browser to version 131 across the Windows, Mac, Linux and Android platforms. Here’s what you need to know.

Google Issues An Update Warning For All Chrome Web Browser Users

In a Nov. 12 security announcement, Google confirmed that a total of 12 security issues have been discovered and fixed that impacted all users of the Chrome web browser.

The update to Chrome 131 will occur across the coming days and weeks, but as is always the case when it comes to the security side of things I would recommend that you kickstart this process as soon as possible, and I’ll explain precisely how to do that at the end of this article.

Users of Windows or macOS will find the update takes their version of Chrome to 131.0.6778.69/.70, while for Linux users it is 31.0.6778.69. As for Android, the new version is Chrome 131.0.6778.39.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Prudhvikumar Bommana from the Google Chrome team said, “we will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.”

The Security Vulnerabilities Impacting 3.2 Billion Google Chrome Users

Although Google doesn’t list all of the security vulnerabilities that have been patched by the latest Chrome update, it does highlight those that were discovered by external security researchers. These include one high-rated issue, six medium one and a solitary low-rated vulnerability. Type the common vulnerabilities and exposures, or CVE number, into Google and you can see what level of details is available for each at this time. However, as already explained, don’t expect this to amount much at this stage.

High-severity:

  • CVE-2024-11110 is an inappropriate implementation vulnerability in Blink.

Medium-severity:

  • CVE-2024-11111 is an inappropriate implementation vulnerability in Autofill.
  • CVE-2024-11112 is a use after free vulnerability in Media.
  • CVE-2024-11113 is a use after free vulnerability in Accessibility.
  • CVE-2024-11114 is an inappropriate implementation vulnerability in Views.
  • CVE-2024-11115 is an insufficient policy enforcement vulnerability in Navigation.
  • CVE-2024-11116 is an inappropriate implementation vulnerability in Paint.

Low-severity:

  • CVE-2024-11117 is an inappropriate implementation in FileSystem.

How To Update Google Chrome Right Now

If you are one of the 3.2 billion users of Google’s Chrome web browser, you should see the patch automatically rolling out in the coming days. However, rather than wait for the security update to land and install automatically, you can kickstart the process right now.

To force the security update, head for the Help|About option in your Google Chrome menu and it will automatically start downloading.

Remember to restart your Google Chrome browser after the update has been installed, or it will not activate, and you will still be vulnerable to attack.

Share.
Exit mobile version