Google Patches More ‘High-Risk’ Security Flaws in Chrome

Just days after patching almost two dozen security flaws in Chrome, Google is rolling out yet another set of fixes for users of its popular web browser on desktop and mobile platforms.

Chrome 126, the latest version of the world’s most popular web browser, rolled out to users last week with new features and improvements, including a hefty dose of security amendments.

Security maintenance release

Yesterday, Google issued a smaller maintenance update to Windows, Mac, Linux, and Android users addressing four more flaws, all labelled high-risk.

While none of the issues are known to be exploited in the wild by attackers, Google feels they are serious enough to warrant an exclusive security update, tagging the vulnerabilities as important.

To make sure the latest security fixes are applied, desktop users need version 126.0.6478.114/115 on Windows and Mac, and 126.0.6478.114 on Linux computers. On Android, users should find version 126.0.6478.110 available from Tuesday, June 18.

There is no accompanying iOS Chrome release this time around. Chrome for iOS typically only receives stability and performance improvements, as it’s generally unaffected by the security issues exhibited by Chrome on desktop and Android platforms.

High-risk flaws

Google’s high-risk rating means motivated attackers can, and likely will, exploit the flaws to compromise target machines. In the past, threat actors have chained together exploits for such bugs to deploy data stealing malware, including spyware.

Spyware is designed to collect various types of data, such as keystrokes, login credentials and personal messages. It can be used to monitor a user's activities, including web browsing history, and application usage.

Spyware can capture screenshots containing sensitive information, take photos using the device’s built-in cameras, and record sounds with the phone’s mic.

As always, Bitdefender recommends deploying the latest software updates issued by the software/hardware vendor as soon as they’re available. Staying up to date greatly reduces the attack surface, as most software updates include important security fixes.

According to the Bitdefender 2024 Consumer Cybersecurity Assessment Report, few people consider themselves an actual target for cybercriminals and engage in complacent cybersecurity practices, making it imperative to employ dedicated security on their personal devices.