Security update: Critical security vulnerability threatens Google Chrome
Attackers can exploit several vulnerabilities in Chrome to compromise PCs.
Security gaps in Google Chrome put users at risk.
(Image: Bild erstellt mit KI in Bing Designer durch heise online / dmk)
Google's Chrome web browser has been released in a version secured against possible attacks. Users should ensure that the latest version is installed.
The threats
A recent warning message indicates that the developers have closed a"critical" security vulnerability (CVE-2024-6990), among other things. It affects the Dawn component, which can perform calculations on graphics cards via WebGPU.
It is not clear from the warning message how attackers can exploit the vulnerability and what the results of successful attacks are. However, if the vulnerability is classified as critical, it can be assumed that attackers can execute their own commands or even malicious code.
The remaining vulnerabilities (CVE-2024-7255, CVE-2024-7256) are classified as"high". Among other things, malicious code can get onto systems here.
Patch now!
The developers state that they have closed the gaps in Chrome 127.0.6533.88/89 for macOS and Windows and 127.0.6533.88 for Linux. Last week, Google resolved 22 security issues, which are of course no longer present in the current version.
As a rule, updates are installed automatically on macOS and Windows, for example. You can check the installed version under Help/About Google Chrome and trigger a manual update using the three dots arranged one above the other in the top right-hand corner of the window.
Look in password-protected archives
The web browser can now check downloaded files even more effectively and classify them as potential threats. But for even more in-depth investigations, users have to share data. Chrome can even look into archives that are protected with a password.
(des)
