Google has released Chrome 127 browser updates to the stable channel for Mac, Linux and Windows.
The updates include 24 security fixes. The new version was announced as usual on Google blog.
The stable channel has been updated to version 127.0.6533.72/73 for Windows and macOS. On Linux, the update updates the browser to version 127.0.6533.72.
(the offline installer does not include the automatic update function
- Download web installer: Google Chrome Web 32-bit | Google Chrome 64 bit | Freeware
- Download: Google Chrome Offline Installer 64-bit | 110.0 MB
- Download: Google Chrome Offline Installer 32-bit | 99.7 MB
- Download page: Google Chrome Portable
- Download: Google Chrome MSI Installers for Windows (automatic update)
- View: Chrome Website | Release Notes
Google he says that it has patched 24 security holes and gives us the following:
- [$ 11000] [349198731] High CVE-2024-6988: Use after free in Downloads. Reported by lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-06-25
- [$ 8000] [349342289] High CVE-2024-6989: Use after free in Loader. Reported by Anonymous on 2024-06-25
- [TBD][346618785] High CVE-2024-6991: Use after free in Dawn. Reported by wgslfuzz on 2024-06-12
- [TBD][349653220] High CVE-2024-6992: Out of bounds memory access in ANGLE. Reported by Xiantong Hou of Wuheng Lab and Pisanbao on 2024-06-27
- [TBD][349903568] High CVE-2024-6993: Inappropriate implementation in Canvas. Reported by Anonymous on 2024-06-30
- [$ 8000] [339686368] Medium CVE-2024-6994: Heap buffer overflow in Layout. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2024-05-10
- [$ 6000] [343938078] Medium CVE-2024-6995: Inappropriate implementation in Fullscreen. Reported by Alesandro Ortiz on 2024-06-01
- [$ 5000] [333708039] Medium CVE-2024-6996: Race in Frames. Reported by Louis Jannett (Ruhr University Bochum) on 2024-04-10
- [$ 3000] [325293263] Medium CVE-2024-6997: Use after free in Tabs. Reported by Sven Dysthe (@svn-dys) on 2024-02-15
- [$ 2000] [340098902] Medium CVE-2024-6998: Use after free in User Education. Reported by Sven Dysthe (@svn-dys) on 2024-05-13
- [$ 2000] [340893685] Medium CVE-2024-6999: Inappropriate implementation in FedCM. Reported by Alesandro Ortiz on 2024-05-15
- [$ 500] [339877158] Medium CVE-2024-7000: Use after free in CSS. Reported by Anonymous on 2024-05-11
- [TBD][347509736] Medium CVE-2024-7001: Inappropriate implementation in HTML. Reported by Jake Archibald on 2024-06-17
- [$ 2000] [338233148] Low CVE-2024-7003: Inappropriate implementation in FedCM. Reported by Alesandro Ortiz on 2024-05-01
- [TBD][40063014] Low CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing. Reported by Anonymous on 2023-02-10
- [TBD][40068800] Low CVE-2024-7005: Insufficient validation of untrusted input in Safe Browsing. Reported by Umar Farooq on 2023-08-04
Chrome will be rolling out via auto-update in the coming days and weeks. Of course you can directly update manually (via the About Google Chrome menu).
You can also download the latest version of Chrome browser from the links below
(the offline installer does not include the automatic update function
- Download web installer: Google Chrome Web 32-bit | Google Chrome 64 bit | Freeware
- Download: Google Chrome Offline Installer 64-bit | 110.0 MB
- Download: Google Chrome Offline Installer 32-bit | 99.7 MB
- Download page: Google Chrome Portable
- Download: Google Chrome MSI Installers for Windows (automatic update)
- View: Chrome Website | Release Notes