Critical security vulnerability threatens Google Chrome

Critical vulnerability threatens Google Chrome

Attackers can exploit several vulnerabilities in Chrome to compromise PCs.

Google's Chrome web browser has been released in a version that is secured against possible attacks. Users should ensure that the latest version is installed.

The threats

A recent warning message indicates that the developers have closed a"critical" vulnerability (CVE-2024-6990), among other things. It affects the Dawn component, which can perform calculations on graphics cards via WebGPU.

It is not clear from the warning message how attackers can exploit the vulnerability and what the result of successful attacks is. However, if the vulnerability is classified as critical, it can be assumed that attackers can execute their own commands or even malicious code.

The remaining vulnerabilities (CVE-2024-7255, CVE-2024-7256) are classified as"high". Among other things, malicious code can get onto systems here.

Patch now!

The developers state that they have closed the gaps in Chrome 127.0.6533.88/89 for macOS and Windows and 127.0.6533.88 for Linux. Last week, Google resolved 22 security issues, which are of course no longer present in the current version.

As a rule, updates are installed automatically under macOS and Windows, for example. You can check the installed version under Help/About Google Chrome and trigger a manual update using the three overlapping dots at the top right of the window.

Look in password-protected archives

The web browser can now check downloaded files even more effectively and classify them as potential threats. But for even more in-depth investigations, users have to share data. Chrome can even look into archives that are protected with a password.