Google Patches Six High-Risk Security Flaws in Chrome 106

Google is rolling out a new incremental update for Chrome 106 this week. The release is squarely geared towards security, patching six high-risk bugs discovered in the latest version of the popular web browser.

“The Stable channel has been updated to 106.0.5249.119 for Windows, Mac and Linux, which will roll out over the coming days/weeks,” writes Srinivas Sista on the Chrome Releases blog.

The update includes six security fixes in areas like Skia, WebSQL, Custom Tabs, Permissions API, Safe Browsing and Peer Connection.

All six are considered high-severity vulnerabilities, meaning a threat actor could conceivably inflict damage by exploiting one or more of these flaws. This means updating on the customer’s end is important.

No known exploits are currently circulating in the wild, but that doesn’t mean hackers aren’t brewing up ways to capitalize on the flaws.

In typical fashion, Google is restricting access to bug details and other resources linking to these flaws until a majority of users are updated with a fix.

The web giant is awarding more than $30,000 in bug bounties to the researchers who discovered and reported the vulnerabilities.

Chrome users should make this update a priority. To patch your Chrome browser, simply visit the Settings menu, choose About Chrome and allow the software a few seconds to fetch the new version. When ready, relaunch Chrome to apply the patch.

Alongside the desktop release, Google is also rolling out a Chrome update for Android customers. The release includes “stability and performance improvements,” according to the changelog.

Bitdefender recommends that users keep their most-used apps and devices up to speed with the latest vendor updates.