By NICK GILBERTSON Google Chrome has announced a significant update for its more than three billion users after detecting 30 security vulnerabilities on its browser — seven of which were deemed highly severe — just weeks after issuing an update for a zero-day vulnerability that hackers exploited.
The company issued a press release on April 26 announcing that it will promote Google Chrome 101.0.4951.41 in the coming days or weeks to the stable channel for Mac, Windows, and Linux, which will offer protection from the dozens of common vulnerabilities and exposures (CVE) found on the browser, which Statista reports is used by 3.2 billion people.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Chrome said in its release.
“A vulnerability is a mistake in software code that provides an attacker with direct access to a system or network,” CSO reported, citing the CVE website. “It could allow an attacker to pose as a super-user or system administrator with full access privileges.”
The company noted that hackers had not yet exploited the vulnerabilities, WIRED reported. However, on April 14, Google Chrome announced a patch that corrected the high-risk CVE-2022-1364, which hackers did exploit, according to WIRED. The browser updated the stable channel to 100.0.4896.127 for Mac, Windows, and Linux users.
“The technical details aren’t currently available, but the timing of the fix—just a day after it was reported—indicates it’s pretty serious,” WIRED wrote.
The incident followed another high-threat CVE patch announced on March 25, in which Google said attackers were already exploiting CVE-2022-1096. Forbes noted the fact that the company corrected a single vulnerability, emphasizing the severity of the issue. The bug was fixed when the stable channel for Windows, Mac, and Linux was updated to 99.0.4844.84.