Google Chrome 127 Stable Release Addressed Multiple Security Bugs

Google Chrome users must update their devices with the latest Chrome 127 release, which addresses numerous security vulnerabilities. Fortunately, none of these vulnerabilities constitute a zero-day.

Google Chrome 127 Security Fixes Crucial For Users

Almost a month after a major Chrome update, Google has rolled out another stable version for users. The new Google Chrome 127 stable release brings numerous security fixes. As described in its advisory, these patches addressed some serious vulnerabilities, which are listed below.

  • CVE-2024-6990: A critical severity flaw that Google describes as “uninitialized use in Dawn.” The firm credited the researcher with the alias “gelatin dessert” for reporting the vulnerability.
  • CVE-2024-7255: A high severity “out of bounds read in WebTransport,” which caught Google’s attention following the bug report from Marten Richter.
  • CVE-2024-7256: Another high-severity issue that the researcher with the alias “gelatin dessert” found and reported to Google. The firm described it as an insufficient data validation issue in Dawn.

Google released all these security fixes with Chrome 127.0.6533.88/89 for Windows and Mac and 127.0.6533.88 for Linux. Moreover, the tech giant also released the same security patches with Chrome 127 (127.0.6533.84) for Android.

Since all these vulnerabilities affected the Chromium engine, all Chromium-based web browsers became vulnerable. In this regard, Microsoft issued separate advisories for its Chromium-based Microsoft Edge browser, confirming patch deployments for CVE 2024 6990, CVE-2024-7255, and CVE-2024-7256.

This Google release affected Chrome users. That outage typically impacted Chrome 127.0.6533.57 – the predecessor of the recent stable version. We hope this stable release comes with other bug fixes alongside the disclosed security patches so that no such glitches happen in the coming days.

Google didn’t mention any possible exploitation of these vulnerabilities in the wild. Nonetheless, given the severity of these flaws, all users must ensure that their devices are updated promptly with the latest releases.

Let us know your thoughts in the comments.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil