Google Chrome 118.0.5993.70 / .71

Posted on 2023-10-11 by guenni

ChromeGoogle has released updates to the Google Chrome browser 118 in the stable channel for Mac, Linux and Windows on October 10, 2023. The entry ican be found on the Google blog. The stable channel has been updated to version 118.0.5993.70 for macOS and Linux. For Windows, the update updates the browser to version 118.0.5993.70/.71.

Advertising

According to the change log, 20 vulnerabilities, one of them critical, have been closed. Here is the list of fixed vulnerabilities.

  • [TBD][1487110] Critical CVE-2023-5218: Use after free in Site Isolation. Reported by @18楼梦想改造家 on 2023-09-27
  • [$5000][1062251] Medium CVE-2023-5487: Inappropriate implementation in Fullscreen. Reported by Anonymous on 2020-03-17
  • [$5000][1414936] Medium CVE-2023-5484: Inappropriate implementation in Navigation. Reported by Thomas Orlita on 2023-02-11
  • [$2000][1476952] Medium CVE-2023-5475: Inappropriate implementation in DevTools. Reported by Axel Chong on 2023-08-30
  • [$1000][1425355] Medium CVE-2023-5483: Inappropriate implementation in Intents. Reported by Axel Chong on 2023-03-17
  • [$1000][1458934] Medium CVE-2023-5481: Inappropriate implementation in Downloads. Reported by Om Apip on 2023-06-28
  • [$1000][1474253] Medium CVE-2023-5476: Use after free in Blink History. Reported by Yunqin Sun on 2023-08-20
  • [$1000][1483194] Medium CVE-2023-5474: Heap buffer overflow in PDF. Reported by [pwn2car] on 2023-09-15
  • [$500][1471253] Medium CVE-2023-5479: Inappropriate implementation in Extensions API. Reported by Axel Chong on 2023-08-09
  • [$6000][1395164] Low CVE-2023-5485: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2022-12-02
  • [$3000][1472404] Low CVE-2023-5478: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-08-12
  • [$3000][1472558] Low CVE-2023-5477: Inappropriate implementation in Installer. Reported by Bahaa Naamneh of Crosspoint Labs on 2023-08-13
  • [$1000][1357442] Low CVE-2023-5486: Inappropriate implementation in Input. Reported by Hafiizh on 2022-08-29
  • [$1000][1484000] Low CVE-2023-5473: Use after free in Cast. Reported by DarkNavy on 2023-09-18

As usual, no details are given. Chrome will be rolled out to systems via the automatic update feature in the next few days. One can (and in this case should) also update the browser manually (via the menu and the About Google Chrome command). The latest build of the Chrome browser can also be downloaded here.

Chrome for Android 118.0.5993.65

Furthermore, Google has updated Chrome for Android to version 118.0.5993.65, according to this Google post, and it will be distributed in the next few days. This version includes stability and performance improvements, as well as the same security fixes as mentioned above for the desktop versions of the browser.

Cookies helps to fund this blog: Cookie settings
Advertising

This entry was posted in browser, Security, Update and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *