First Weekly Chrome Security Update Patches High-Severity Vulnerabilities


Google released a security patch for Chrome 116 this week, fixing five memory safety flaws discovered by outside researchers, including four of ‘high severity’. The most serious of these weaknesses is CVE-2023-4430, a use-after-free bug in Vulkan, the open, cross-platform standard for 3D graphics, according to the bug bounty prize Google handed out for them.

According to Google’s announcement, Cassidy Kim disclosed the vulnerability and was awarded a $10,000 bug bounty for the discovery.x000D Another use-after-free problem, this time in the Loader component, is next on the list. The bug was disclosed by an unnamed researcher who won a $3,000 reward and is listed as CVE-2023-4429.

Read More…