Google patches 4 high-rated security issues in latest Chrome 116 update
Google released a security update for Google Chrome 116 for desktop operating systems and for Android today. The update addresses 4 high-rated security issues in the web browser.
The update is published already and should be distributed to the majority of the Chrome population in the coming days and weeks. Desktop users may speed up the installation of the security update by loading chrome://settings/help, or selecting Menu > Help > About Google Chrome.
Google Chrome displays the installed version on the page that opens and runs a check for updates. It will pick up the new update at this point to download and install it.
One of the following versions should be listed on the Help page after installation of the latest security update:
- Chrome for Linux and Mac: 116.0.5845.179
- Chrome Extended Stable channel for Mac: 116.0.5845.179
- Chrome for Windows: 116.0.5845.179 or 116.0.5845.180
- Chrome Extended Stable channel for Windows: 116.0.5845.180
- Chrome for Android: 116.0.5845.172
The fixed security issues in Chrome 116
Google lists four security updates on the official Chrome Releases blog and confirms that these are the only security issues fixed in the release.
All of the four patched vulnerabilities are rated high, which is second only to critical. Google makes no mention of exploits in the wild, but users should still consider updating as soon as possible to avoid attacks that may come at a later point.
The four issues address an out of bounds memory access in FedCM, type confusion in V8, use after free in Networks, and in incorrect security UI in BFCache issue.
BFCache stands for Back Forward Cache. It powers the browser's back and forward buttons and the linked functionality. The issue was reported in May to Google.
Closing Words
Google switched to a weekly update schedule for its Chrome web browser recently, and it shows. The list of fixed security issues is shorter in individual releases and updates have doubled. Google decided to make the change to push security updates quicker to user devices and reduce the time that malicious actors have to exploit reported vulnerabilities in the web browser.
Now You: how often do you update your apps and browsers?