Google Chrome 119.0.6045.123 for Linux and Mac and 119.0.6045.123/.124 for Windows available

With the weekly Chrome update, Google closes a security vulnerability that is classified as high risk. Based on the classification, it can be assumed that manipulated websites can misuse the leak to insert malicious code.

In the according version announcement, Google explains that it is a use-after-free vulnerability in the WebAudio component of the browser (CVE-2023-5996, no CVSS, risk high according to Google). With this type of error, the program code accesses resources that have previously been released. Their contents are therefore undefined. Attackers can often abuse this type of vulnerability to inject and execute arbitrary program code.

The vulnerability is no longer included in Google Chrome 119.0.6045.123 for Linux and Mac and 119.0.6045.123/.124 for Windows. The developers have also upgraded the browser to version 118.0.5993.136 for Mac and Windows in the Extended Stable channel, without listing the changes in the release notes.

To ensure that the browser is already running in the latest version, just click on the settings menu, which can be found to the right of the address bar under the icon with the three stacked dots, and then click Help - About Google Chrome.

The version dialog shows the currently running version of the browser and starts the update process if available. At the end, the dialog prompts you to restart the web browser.