Chrome & Brave Browser Updates

Topic

New Reply

This is intended to alert Windows users of updates using the STABLE desktop channel only. Check your respective browser update channels to update.

IMPORTANT
14/09/22 – Google Chrome 105.0.5195.127
Release Notes:
https://chromereleases.googleblog.com/

This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

RATED HIGH:
CVE-2022-3195: Out of bounds write in Storage.
CVE-2022-3196: Use after free in PDF.
CVE-2022-3197: Use after free in PDF.
CVE-2022-3198: Use after free in PDF.
CVE-2022-3199: Use after free in Frames.
CVE-2022-3200: Heap buffer overflow in Internals.
CVE-2022-3201: Insufficient validation of untrusted input in DevTools.

IMPORTANT
14/09/22 – Brave 1.43.93
Release Notes:
https://brave.com/latest/

Release Notes v1.43.93 (Sep 14th, 2022)

Restored gesture requirement for async clipboard write access.
Fixed crash on brave://settings which occurred due to brave://flags/#brave-sync-v2 being disabled.
Fixed crash on the New Tab Page which occurred due to brave://flags/#brave-news being disabled.
Fixed crash when the “options” dictionary is null in a Brave Wallet “SignAndSendTransaction” request to a Solana provider.
Fixed the “Learn more” link for unverified creators on the Brave Rewards panel not working.
Fixed blank panel on brave://welcome page which displayed in certain cases.
Upgraded Chromium to 105.0.5195.127.

Windows - commercial by definition and now function...

2 users thanked author for this post.

Alex5723, Cybertooth

Reply | Quote

Replies

Windows Desktop Browser Updates

27th Sept 2022
Google Chrome Stable Update to 106.0.5249.62
Release notes:: https://chromereleases.googleblog.com/

Brave update to 1.44.101
Release Notes: https://brave.com/latest/

Windows - commercial by definition and now function...

2 users thanked author for this post.

Cybertooth, Alex5723

Reply | Quote

Windows Desktop Browser Updates

Sept 30th 2022
Brave Update available to 1.44.105
Release Notes:
https://brave.com/latest/

Chrome Update available to 106.0.5249.91
Release Notes:
Ref: https://chromereleases.googleblog.com/

RATED HIGH:
CVE-2022-3370: Use after free in Custom Elements.
CVE-2022-3373: Out of bounds write in V8.

Security issues fixed applicable to both Chrome and Brave versions.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Windows Desktop Browser Updates

Wed 5th Oct 2022
Google Chrome Stable 106.0.5249.103 has been released.
More info:
https://chromereleases.googleblog.com/

Thurs 6th Oct 2022
Brave 1.44.108 also released.
https://brave.com/latest/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome106.0.5249.119 stable released.
11th October 2022
Ref: https://chromereleases.googleblog.com/

RATED HIGH:
CVE-2022-3445: Use after free in Skia.
CVE-2022-3446: Heap buffer overflow in WebSQL.
CVE-2022-3447: Inappropriate implementation in Custom Tabs.
CVE-2022-3448: Use after free in Permissions API.
CVE-2022-3449: Use after free in Safe Browsing.
CVE-2022-3450: Use after free in Peer Connection.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

12th Oct 2022
Brave v1.44.112 Desktop Update
Release notes: https://brave.com/latest/

Updated Sardine purchase link to be set to selected network when opened from Buy screen on Brave Wallet. (#25839)

Removed deprecated Ethereum Testnet’s (Ropsten/Rinkeby/Kovan) and added support for Sepolia Testnet for Brave Wallet. (#25654)

Fixed issue with SignTransaction during NFT purchase on MagicEden when using Brave Wallet. (#25802)

Fixed crash when opening the New Tab Page in certain cases on Linux. (#25849)

Upgraded Chromium to 106.0.5249.119. (#25926) (Changelog for 106.0.5249.119)

This update covers the same CVE’s as Chrome 106.0.5249.119 released yesterday.

Windows - commercial by definition and now function...

Reply | Quote

Brave 1.45.113 released Oct 25th 2022

With further fixes, additions and updates included..
Ref Release Notes:
https://brave.com/latest/

Security related:

….[Security] Added additional password protection for Brave Wallet account removal. (#24711)
[Security] Added additional password protection for Brave Wallet backup seed. (#24534)
[Security] Added additional password protection for Brave Wallet show private key. (#24830)
[Security] Enhanced protection against Brave Wallet pollution attacks. (#24415)
[Security] Updated the Brave Wallet network selector to show the full network name. (#25114)
[Security] Updated Brave Wallet to show the full network name in tooltip for Buy/Send/Swap widget and panel. (#25107)
[Security] Updated the Brave Wallet transaction confirmation panel to show the full network name. (#25105)
[Security] Fixed misleading signing request message in Brave Wallet. (#24816)…..

Windows - commercial by definition and now function...

Reply | Quote

Chrome/107.0.5304.62 Stable Released
25th October 2022
Ref: https://chromereleases.googleblog.com/

RATED HIGH:
CVE-2022-3652: Type Confusion in V8.
CVE-2022-3653: Heap buffer overflow in Vulkan.
CVE-2022-3654: Use after free in Layout.

RATED MEDIUM:
CVE-2022-3655: Heap buffer overflow in Media Galleries.
CVE-2022-3656: Insufficient data validation in File System.
CVE-2022-3657: Use after free in Extensions.
CVE-2022-3658: Use after free in Feedback service on Chrome OS.
CVE-2022-3659: Use after free in Accessibility.
CVE-2022-3660: Inappropriate implementation in Full screen mode.

RATED LOW:
CVE-2022-3661: Insufficient data validation in Extensions.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 107.0.5304.87/ 88 Stable Desktop released
27th October 2022
ref: https://chromereleases.googleblog.com/

Security Fix:

RATED HIGH:
CVE-2022-3723: Type Confusion in V8.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave Browser Desktop Update

v1.45.116 Oct 28th, 2022

Release Notes:

Fixed tab hover preview not being shown correctly when “Card with preview” is selected for the “Tab hover mode” setting under brave://settings/appearance. (#26251)
Upgraded Chromium to 107.0.5304.91….

Ref: https://brave.com/latest/

Windows - commercial by definition and now function...

Reply | Quote

Brave 1.45.118 Released
2nd November 2022
https://brave.com/latest/

Release Notes v1.45.118 (Nov 2nd, 2022)

[Security] Fixed download crash which occurred in certain cases as reported on HackerOne by rebane2001. (#26384)

Fixed crash caused by Crypto.com widget on the New Tab Page. (#26412)

Fixed shields not blocking WebSocket connections when adding custom filter under brave://settings/shields/filters. (#26285)

Windows - commercial by definition and now function...

Reply | Quote

8th November 2022
Chrome Update to 107.0.5304.107
https://chromereleases.googleblog.com/

RATED HIGH:
CVE-2022-3885: Use after free in V8.
CVE-2022-3886: Use after free in Speech Recognition.
CVE-2022-3887: Use after free in Web Workers.
CVE-2022-3888: Use after free in WebCodecs.
CVE-2022-3889: Type Confusion in V8.
CVE-2022-3890: Heap buffer overflow in Crashpad.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave 1.45.123 Released
9th November 2022
Release Notes: https://brave.com/latest/

Upgraded Chromium to 107.0.5304.110. (Changelog for 107.0.5304.110)

Windows - commercial by definition and now function...

Reply | Quote

Brave v1.45.127 Released
15th November 2022
https://brave.com/latest/

Release Notes v1.45.127 (Nov 15th, 2022)
Added Solana NFT support in Brave Wallet.

Updated default search engine to Brave Search for new installations in certain regions.

Removed FTX widget from the New Tab Page and widget gallery.

Fixed issue where Brave Rewards appears disabled in certain cases.

Internal bug fixes to the browser then…

Windows - commercial by definition and now function...

Reply | Quote

Brave 1.45.131 Released
22nd November 2022
https://brave.com/latest/

Added header for search.brave.com so Brave Search is aware when Brave Ads are enabled. (#25430)

Fixed issue where farbling protections for screen resolution and coordinates were incorrectly being applied to extension pages. (#26715)

Windows - commercial by definition and now function...

Reply | Quote

Chrome Update for another Zero-day!
24th November 2022

Chrome 107.0.5304.121/.122 for Windows and Chrome 107.0.5304.121 for mac/ Linux
Ref: https://chromereleases.googleblog.com/

RATED HIGH
CVE-2022-4135: Heap buffer overflow in GPU.

Patch ASAP!

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave 1.45.133 Released
25th November 2022
Ref: https://brave.com/latest/

Upgraded Chromium to 107.0.5304.141. (#26965) (Changelog for 107.0.5304.141)

Addresses exploited Zero-day, update ASAP!

Windows - commercial by definition and now function...

Reply | Quote

Chrome 108.0.5359.71/ 72 Released
29th November 2022
https://chromereleases.googleblog.com/

This update includes 28 security fixes…/

RATED HIGH:
CVE-2022-4174: Type Confusion in V8.
CVE-2022-4175: Use after free in Camera Capture.
CVE-2022-4176: Out of bounds write in Lacros Graphics.
CVE-2022-4177: Use after free in Extensions.
CVE-2022-4178: Use after free in Mojo.
CVE-2022-4179: Use after free in Audio.
CVE-2022-4180: Use after free in Mojo.
CVE-2022-4181: Use after free in Forms.

RATED MEDIUM:
CVE-2022-4182: Inappropriate implementation in Fenced Frames.
CVE-2022-4183: Insufficient policy enforcement in Popup Blocker.
CVE-2022-4184: Insufficient policy enforcement in Autofill.
CVE-2022-4185: Inappropriate implementation in Navigation.
CVE-2022-4186: Insufficient validation of untrusted input in Downloads.
CVE-2022-4187: Insufficient policy enforcement in DevTools.
CVE-2022-4188: Insufficient validation of untrusted input in CORS.
CVE-2022-4189: Insufficient policy enforcement in DevTools.
CVE-2022-4190: Insufficient data validation in Directory.
CVE-2022-4191: Use after free in Sign-In.
CVE-2022-4192: Use after free in Live Caption.
CVE-2022-4193: Insufficient policy enforcement in File System API.
CVE-2022-4194: Use after free in Accessibility.
CVE-2022-4195: Insufficient policy enforcement in Safe Browsing.

Brave 1.46.133 Released
1st December 2022
Ref: https://brave.com/latest/

Due to a much larger changelog, this has been reduced for security and fixes for a quick guide

….Security:
Disabled block element picker in Private Windows.
Enabled ENS L2 resolution for Brave Wallet.
Enabled HTTPS-Only mode for Private Windows with Tor.
Fixed broken “Add” button when adding a custom asset to Brave Wallet.
Fixed incorrect rendering of ERC20 “Approve” amount on Brave Wallet panel.
Fixed NFT images not loading in the Brave Wallet panel.
Fixed cursor position when editing Brave Wallet restore words.
Fixed the fiat currency selector not working on the “Fund” screen of Brave Wallet.
Fixed incorrect base currency being displayed on the Brave Wallet Market tab.
Fixed address validation not being called after switching Brave Wallet accounts.
Fixed broken “first” link for “Sign Transaction” in Brave Wallet panel.
Fixed incorrect placeholder text for password input field in Brave Wallet.
Fixed x-ipfs-path handling for redirecting URLs without a DNS record.
Fixed crash on https://d3ward.github.io/toolz/adblock when “RU Adlist” is enabled under brave://settings/shields/filters.
Fixed HTTPSE redirects taking precedence over adblock redirects.
Fixed incorrect button color on toolbar when certain themes are applied.
Fixed drag and drop indicator not disappearing from sidebar after drag and drop is complete.
Upgraded Chromium to 108.0.5359.71…

more listed additions/ removals and updates available on brave website.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

IMPORTANT! Update ASAP

Chrome 108.0.5359.94/95 Released
2nd December 2022
Ref: https://chromereleases.googleblog.com/

RATED HIGH
CVE-2022-4262: Type Confusion in V8.

Brave 1.46.134 Released
3rd December, 2022
https://brave.com/latest/

Upgraded to Chromium 108.0.5359.94
(Changelog for 108.0.5359.94)

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 108.0.5359.98/ 99 Released
7th December 2022
https://chromereleases.googleblog.com/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave/1.46.138 released
7th December 2022
https://brave.com/latest/

Fixed performance issue where fingerprint farbling caused some sites to load slowly or not at all. (#26700)

Windows - commercial by definition and now function...

Reply | Quote

Chrome/108.0.5359.124/ 125 update released
Tuesday13th December 2022
https://chromereleases.googleblog.com/

8 Security Fixes:

RATED HIGH
CVE-2022-4436: Use after free in Blink Media.
CVE-2022-4437: Use after free in Mojo IPC.
CVE-2022-4438: Use after free in Blink Frames.
CVE-2022-4439: Use after free in Aura.

RATED MEDIUM
Medium CVE-2022-4440: Use after free in Profiles.

Brave v1.46.144 released
Wednesday 14th December 2022
Ref: https://brave.com/latest/

Release Notes:

Updated Brave Wallet to sign Solana transactions with selected account instead of fee payer. (#27051)

Updated Brave Wallet to not use first available pubkey as the “To” address for Solana unknown instructions. (#27187)

Updated the “Learn more” link on the Windows 7 and 8.1 deprecation infobar. (#27176)

Disabled Manifest V2 deprecation warning message. (#26207)

Fixed crash when re-opening Brave News from the “Customize Dashboard” modal after following a source. (#26876)

Fixed issue where some websites failed to load when brave://flags#brave-block-screen-fingerprinting is enabled. (#27021)

Upgraded Chromium to 108.0.5359.128. (#27351) (Changelog for 108.0.5359.128)

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave 1.46.153 Released
Friday 6th Jan 2023
https://brave.com/latest/

AND they are a year out!

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 109.0.5414.74/75 released
Tuesday 10th January 2023
Ref: https://chromereleases.googleblog.com/

Security Fixes

RATED HIGH:
CVE-2023-0128: Use after free in Overview Mode.
CVE-2023-0129: Heap buffer overflow in Network Service.

RATED MEDIUM:
CVE-2023-0130: Inappropriate implementation in Fullscreen API.
CVE-2023-0131: Inappropriate implementation in iframe Sandbox.
CVE-2023-0132: Inappropriate implementation in Permission prompts.
CVE-2023-0133: Inappropriate implementation in Permission prompts.
CVE-2023-0134: Use after free in Cart.
CVE-2023-0135: Use after free in Cart.
CVE-2023-0136: Inappropriate implementation in Fullscreen API.
CVE-2023-0137: Heap buffer overflow in Platform Apps.

RATED LOW:
CVE-2023-0138: Heap buffer overflow in libphonenumber.
CVE-2023-0139: Insufficient validation of untrusted input in Downloads.
CVE-2023-0140: Inappropriate implementation in File System API.
CVE-2023-0141: Insufficient policy enforcement in CORS.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Cybertooth

Reply | Quote

Brave 1.47.171 Released
January 12th 2023
https://brave.com/latest/
See official site for extensive release notes…

Brave Security Fixes:

….[Security] Fixed Brave Wallet showing wrong network when signing DApp messages or transactions. (#26476)

[Security] Added mixed content check for “.onion” URLs as reported on HackerOne by xiaoyinl. (#25939)

[Security] Improved browser privacy by reducing high resolution timer precision as reported on HackerOne by joe12387. (#24681)

[Security] Fixed Brave Today opening non-HTTP or non-HTTPS URLs as reported on HackerOne by nishimunea. (#27602)…..

….Upgraded Chromium to 109.0.5414.87. (#27710)…

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 109.0.5414.119/ 120 released
24th January 2023
Ref: https://chromereleases.googleblog.com/

Security Fix abbreviated summary:

RATED HIGH:
CVE-2023-0471: Use after free in WebTransport.
CVE-2023-0472: Use after free in WebRTC.

RATED MEDIUM
CVE-2023-0473: Type Confusion in ServiceWorker API.
CVE-2023-0474: Use after free in GuestView.

Brave1.47.186 Released
25th January 2023
https://brave.com/latest/

Release Note Summary:

Added the ability to dismiss the end of support message on Windows 7 and 8.1
Fixed crash when viewing sync QR code in certain cases
Fixed crash in “DomainBlockNavigationThrottle”
Fixed some “$removeparam” filter rules not being applied to document request
Upgraded Chromium to 109.0.5414.119…

Windows - commercial by definition and now function...

Reply | Quote

7th February 2023

Google Chrome Update 110.0.5481.77/.78
Release Notes:
https://chromereleases.googleblog.com/

Brave Update 1.48.158
Release Notes:
https://brave.com/latest/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Wed 15th February 2023
Brave1.48.164
https://brave.com/latest/

Thu 16th February 2023
Google Chrome 110.0.5481.104
https://chromereleases.googleblog.com/

Both updated to Chromium 110.0.5481.100

Brave (Windows Only) v1.48.167
16th February, 2023
https://brave.com/latest/

Windows - commercial by definition and now function...

Reply | Quote

Chrome Update 110.0.5481.177/ 178
Wednesday 22nd February 2023
ref: https://chromereleases.googleblog.com/

Abbreviated Security Fixes:

RATED CRITICAL:
CVE-2023-0941: Use after free in Prompts.

RATED HIGH:
CVE-2023-0927: Use after free in Web Payments API.
CVE-2023-0928: Use after free in SwiftShader.
CVE-2023-0929: Use after free in Vulkan.
CVE-2023-0930: Heap buffer overflow in Video.
CVE-2023-0931: Use after free in Video.
CVE-2023-0932: Use after free in WebRTC.

RATED MEDIUM:
CVE-2023-0933: Integer overflow in PDF.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Thursday 24th February 2023
Brave v1.48.171 released
https://brave.com/latest/

[Security] Perform download safety check even when user is prompted for save location as reported on HackerOne by ameenbasha. (#28079)……/
/…Upgraded Chromium to 110.0.5481.177. (#28690) (Changelog for 110.0.5481.177)

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 111.0.5563.64/65 Released
7th March 2023
Ref: https://chromereleases.googleblog.com/

RATED HIGH:
CVE-2023-1213: Use after free in Swiftshader.
CVE-2023-1214: Type Confusion in V8.
CVE-2023-1215: Type Confusion in CSS.
CVE-2023-1216: Use after free in DevTools.
CVE-2023-1217: Stack buffer overflow in Crash reporting.
CVE-2023-1218: Use after free in WebRTC.
CVE-2023-1219: Heap buffer overflow in Metrics.
CVE-2023-1220: Heap buffer overflow in UMA.

RATED MEDIUM:
CVE-2023-1221: Insufficient policy enforcement in Extensions API.
CVE-2023-1222: Heap buffer overflow in Web Audio API
CVE-2023-1223: Insufficient policy enforcement in Autofill
CVE-2023-1224: Insufficient policy enforcement in Web Payments API
CVE-2023-1225: Insufficient policy enforcement in Navigation
CVE-2023-1226: Insufficient policy enforcement in Web Payments API
CVE-2023-1227: Use after free in Core.
CVE-2023-1228: Insufficient policy enforcement in Intents
CVE-2023-1229: Inappropriate implementation in Permission prompts
CVE-2023-1230: Inappropriate implementation in WebApp Installs
CVE-2023-1231: Inappropriate implementation in Autofill

RATED LOW:
CVE-2023-1232: Insufficient policy enforcement in Resource Timing.
CVE-2023-1233: Insufficient policy enforcement in Resource Timing.
CVE-2023-1234: Inappropriate implementation in Intents.
CVE-2023-1235: Type Confusion in DevTools.
CVE-2023-1236: Inappropriate implementation in Internals.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

9th March 2023
Brave 1.49.120 released
Security, Web3, Brave Rewards and General Updates
now based on Chromium 111.0.5563.64
https://brave.com/latest/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 111.0.5563.110/ 111 Released
21st March 2023
Ref: https://chromereleases.googleblog.com/
Abbreviated fixes:

RATED HIGH:
CVE-2023-1528: Use after free in Passwords.
CVE-2023-1529: Out of bounds memory access in WebHID.
CVE-2023-1530: Use after free in PDF.
CVE-2023-1531: Use after free in ANGLE.
CVE-2023-1532: Out of bounds read in GPU Video.
CVE-2023-1533: Use after free in WebProtect.
CVE-2023-1534: Out of bounds read in ANGLE.

22nd March 2023
Brave 1.49.128 Released
Ref: https://brave.com/latest/
Various fixes and additions whilst upgraded Chromium to 111.0.5563.110

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

27th March 2023
Google Chrome 111.0.5563.146/.147 released
https://chromereleases.googleblog.com/

28th March 2023
Brave/1.49.132 released
https://brave.com/latest/

Web3
Fixed issue with multiple onboarding tabs opening up for Magic Eden. (#28546)

General
Disabled keyboard shortcut for “Copy clean link” on macOS by default. (#29303)
Upgraded Chromium to 111.0.5563.147. (#29341) (Changelog for 111.0.5563.147)

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 112.0.5615.49/50
4th April 2023
Ref: https://chromereleases.googleblog.com/

Abbreviated Security Fixes

RATED HIGH:
CVE-2023-1810: Heap buffer overflow in Visuals.
CVE-2023-1811: Use after free in Frames.

RATED MEDIUM:
CVE-2023-1812: Out of bounds memory access in DOM Bindings.
CVE-2023-1813: Inappropriate implementation in Extensions.
CVE-2023-1814: Insufficient validation of untrusted input in Safe Browsing.
CVE-2023-1815: Use after free in Networking APIs.
CVE-2023-1816: Incorrect security UI in Picture In Picture.
CVE-2023-1817: Insufficient policy enforcement in Intents.
CVE-2023-1818: Use after free in Vulkan.
CVE-2023-1819: Out of bounds read in Accessibility.
CVE-2023-1820: Heap buffer overflow in Browser History.

RATED LOW:
CVE-2023-1821: Inappropriate implementation in WebShare.
CVE-2023-1822: Incorrect security UI in Navigation.
CVE-2023-1823: Inappropriate implementation in FedCM.

April 5th 2023
Brave 1.50.114 Released
Ref: https://brave.com/latest/
(see site release notes)

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

12th April 2023
Stable Channel Update for Desktop
Google Chrome 112.0.5615.86/87 released
REF: https://chromereleases.googleblog.com/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

13th April 2023
Brave 1.50.118 Released
To view release notes:
https://brave.com/latest/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

14th April 2023

URGENT!

Chrome112.0.5615.121 released
This one fixes the exploit for CVE 2023-2033 which exists in-the-wild!
Ref: https://chromereleases.googleblog.com/

Abbreviated info:

RATED HIGH:
CVE-2023-2033: Type Confusion in V8.
Google is aware that an exploit for CVE-2023-2033 exists in the wild…./
/..Various fixes from internal audits, fuzzing and other initiatives

URGENT!

Brave 1.50.119 Released
15th April 2023
Release notes available over on:
https://brave.com/latest/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

URGENT: actively exloited Zero Day!

Chrome 112.0.5615.137/138 Released
18th April 2023
ref: https://chromereleases.googleblog.com

Abbreviated security updates:

RATED HIGH:
CVE-2023-2133: Out of bounds memory access in Service Worker API.
CVE-2023-2134: Out of bounds memory access in Service Worker API.
CVE-2023-2135: Use after free in DevTools.
CVE-2023-2136: Integer overflow in Skia.

RATED MEDIUM:
CVE-2023-2137: Heap buffer overflow in sqlite.

Windows - commercial by definition and now function...

Reply | Quote

19th April 2023
Brave 1.50.121 Released
Release Notes: https://brave.com/latest/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 113.0.5672.63/ 64 released
2nd May 2023
Ref: https://chromereleases.googleblog.com/

Abbreviated Security Fixes:

RATED MEDIUM:
CVE-2023-2459: Inappropriate implementation in Prompts.
CVE-2023-2460: Insufficient validation of untrusted input in Extensions.
CVE-2023-2461: Use after free in OS Inputs.
CVE-2023-2462: Inappropriate implementation in Prompts.
CVE-2023-2463: Inappropriate implementation in Full Screen Mode.
CVE-2023-2464: Inappropriate implementation in PictureInPicture.
CVE-2023-2465: Inappropriate implementation in CORS.

RATED LOW:
CVE-2023-2466: Inappropriate implementation in Prompts.
CVE-2023-2467: Inappropriate implementation in Prompts.
CVE-2023-2468: Inappropriate implementation in PictureInPicture.

Windows - commercial by definition and now function...

Reply | Quote

3rd May 2023
Brave 1.51.110 Released
Changelog link:
https://brave.com/latest/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave v1.51.114 Released
9th May, 2023
Ref: https://brave.com/latest/

Release Notes:

Web3
[Security] Fixed Brave Wallet binding issue as reported (#30204).

Upgraded Chromium to 113.0.5672.92…

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave v1.51.118 Released
17th May 2023
Ref: https://brave.com/latest/

Web3
Fixed NFT pinning status background and text color. (#30219)

General
Implemented per-device WebUSB serial farbling. (#30041)
Fixed saved passwords being removed from brave://settings/passwords and sync failure when restarting Brave on certain Linux distros. (#30147)
Upgraded Chromium to 113.0.5672.126

Windows - commercial by definition and now function...

Reply | Quote

Chrome 113.5672.126/ 127 released for Windows
May 16th, 2023
Ref: https://chromereleases.googleblog.com/

Abbreviated Security Fixes

RATED CRITICAL
CVE-2023-2721: Use after free in Navigation.

RATED HIGH:
CVE-2023-2722: Use after free in Autofill UI
CVE-2023-2723: Use after free in DevTools
CVE-2023-2724: Type Confusion in V8
CVE-2023-2725: Use after free in Guest View

RATED MEDIUM
CVE-2023-2726: Inappropriate implementation in WebApp Installs

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 114.0.5735.90/91 Released
Tuesday 30th May 2023
Ref: https://chromereleases.googleblog.com/

Abbreviatted Security Fixes:

RATED HIGH:
CVE-2023-2929: Out of bounds write in Swiftshader.
CVE-2023-2930: Use after free in Extensions.
CVE-2023-2931: Use after free in PDF.
CVE-2023-2932: Use after free in PDF.
CVE-2023-2933: Use after free in PDF.
CVE-2023-2934: Out of bounds memory access in Mojo.
CVE-2023-2935: Type Confusion in V8.
CVE-2023-2936: Type Confusion in V8.

RATED MEDIUM:
CVE-2023-2937 & CVE-2023-2938:Inappropriate implementation witin Picture In Picture.
CVE-2023-2939: Insufficient data validation in Installer.
CVE-2023-2940: Inappropriate implementation in Downloads.

RATED LOW:
CVE-2023-2941: Inappropriate implementation in Extensions API.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

31st May 2023
Brave 1.52.117 released
https://brave.com/latest/
See official release note link above for extensive fixes and updates in this version.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

2nd June 2023
Brave 1.52.119 Released (Windows Only)
REF: https://brave.com/latest/

Release Notes:

Fixed intermittent “Failed to write the VPN config” errors which could prevent users from using Brave VPN in certain cases on Windows.

Windows - commercial by definition and now function...

Reply | Quote

June 5th 2023
Chrome 114.0.5735.110 released
Release notes:
https://chromereleases.googleblog.com/

June 6th 2023
Brave v1.52.122 released
based on chromium 114.0.5735.110
Release notes:
https://brave.com/latest/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 114.0.5735.133/134 released
13th June 2023
Source: https://chromereleases.googleblog.com/
Security fixes abbreviated:

RATED CRITICAL:
CVE-2023-3214: Use after free in Autofill payments.

RATED HIGH:
CVE-2023-3215: Use after free in WebRTC.
CVE-2023-3216: Type Confusion in V8.
CVE-2023-3217: Use after free in WebXR.

Brave 1.52.126 due to be released soon..
14th June 2023
Ref: https://brave.com/latest/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 114.0.5735.198/199 released
June 26th 2023
Ref: https://chromereleases.googleblog.com/
Abbreviated fixes:

RATED HIGH:
CVE-2023-3420: Type Confusion in V8.
CVE-2023-3421: Use after free in Media.
CVE-2023-3422: Use after free in Guest View.

Brave 1.52.129 released
28th June 2023
ref: https://brave.com/latest/

Upgraded Chromium to 114.0.5735.198..

Windows - commercial by definition and now function...

Reply | Quote

Brave 1.52.130 Released
7th July 2023
release notes: https://brave.com/latest/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 115.0.5790.98/99 Stable released
18th July 2023
Release notes link:
https://chromereleases.googleblog.com/

Windows - commercial by definition and now function...

Reply | Quote

Brave v1.56.9 Released
19th July 2023

Changelog: https://brave.com/latest/
Quite a heavy changelog so, I’ll let the source link provide info

Note: Changes to release channels

Release Channel will go from 1.53.x to 1.56.x
Beta Channel will go from 1.54.x to 1.57.x
Nightly Channel will go from 1.55.x to 1.58.x

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 115.0.5790.102 released
20th July 2023
Official Announcement:
https://chromereleases.googleblog.com/

Windows - commercial by definition and now function...

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Brave 1.56.11 released
21st July 2023
https://brave.com/latest/

Upgraded Chromium to 115.0.5790.102

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 115.0.5790.110 released
25th July 2023
Official announcement:
https://chromereleases.googleblog.com/

Windows - commercial by definition and now function...

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Brave v1.56.14 Released
26th July 2023
https://brave.com/latest/

Upgraded Chromium to 115.0.5790.114

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 115.0.5790.170/.171 released 2nd August 2023

Ref: https://chromereleases.googleblog.com/

HIGH
CVE-2023-4068: Type Confusion in V8.
CVE-2023-4069: Type Confusion in V8.
CVE-2023-4070: Type Confusion in V8
CVE-2023-4071: Heap buffer overflow in Visuals
CVE-2023-4072: Out of bounds read and write in WebGL
CVE-2023-4073: Out of bounds memory access in ANGLE.
CVE-2023-4074: Use after free in Blink Task Scheduling
CVE-2023-4075: Use after free in Cast
CVE-2023-4076: Use after free in WebRTC

MEDIUM
CVE-2023-4077: Insufficient data validation in Extensions
CVE-2023-4078: Inappropriate implementation in Extensions

Brave v1.56.20 released 3rd August 2023
Ref: https://brave.com/latest/

Windows - commercial by definition and now function...

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

15th August 2023 Releases

Google Chrome 116.0.5845.96/ 97
https://chromereleases.googleblog.com/
26 Security fixes for this version:
Abbreviated list of fixes include:

HIGH
CVE-2023-2312: Use after free in Offline
CVE-2023-4349: Use after free in Device Trust Connectors.
CVE-2023-4350: Inappropriate implementation in Fullscreen.
CVE-2023-4351: Use after free in Network
CVE-2023-4352: Type Confusion in V8
CVE-2023-4353: Heap buffer overflow in ANGLE
CVE-2023-4354: Heap buffer overflow in Skia
CVE-2023-4355: Out of bounds memory access in V8
CVE-2023-4356: Use after free in Audio

MEDIUM
CVE-2023-4357: Insufficient validation of untrusted input in XML.
CVE-2023-4358: Use after free in DNS
CVE-2023-4359: Inappropriate implementation in App Launcher.
CVE-2023-4360: Inappropriate implementation in Color.
CVE-2023-4361: Inappropriate implementation in Autofill
CVE-2023-4362: Heap buffer overflow in Mojom IDL
CVE-2023-4363: Inappropriate implementation in WebShare.
CVE-2023-4364: Inappropriate implementation in Permission Prompts
CVE-2023-4365: Inappropriate implementation in Fullscreen.
CVE-2023-4366: Use after free in Extensions
CVE-2023-4367: Insufficient policy enforcement in Extensions API.
CVE-2023-4368: Insufficient policy enforcement in Extensions API.

Brave v1.57.47
https://brave.com/latest/
Fixes to Web3, Rewards and General functions whilst
bringing the browser in-line with Chromium 116.0.5845.96
See link for further details…

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave 1.57.49 released
17th August 2023
https://brave.com/latest/

Fixed startup crash on Windows* caused by adding a non-existent or empty custom filter list.

emphasis of OS affected*

Windows - commercial by definition and now function...

Reply | Quote

Google Chrome 116.0.5845.110/111
22nd August 2023
REF: https://chromereleases.googleblog.com/

Five Security Fixes (abbreviated)

RATED HIGH:
CVE-2023-4430: Use after free in Vulkan.
CVE-2023-4429: Use after free in Loader.
CVE-2023-4428: Out of bounds memory access in CSS.
CVE-2023-4427: Out of bounds memory access in V8.

RATED MEDIUM:
CVE-2023-4431: Out of bounds memory access in Fonts.

Brave 1.57.53
August 23rd 2023
Ref: https://brave.com/latest/

Abbreviated fix list

Security:
Fixed browser crash as reported on HackerOne by 0xc4gr1
Fixed browser crash as reported on HackerOne by neeythann.

Functionality
Fixed missing “Open Guest profile” keyboard shortcut.
Fixed issue where Brave would not relaunch via the taskbar icon in certain cases on Windows.
Fixed issue where permission dialog wa.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 116.0.5845.140/ 141
29th August 2023
Ref: https://chromereleases.googleblog.com/

Security Fixes (1):
RATED HIGH:
CVE-2023-4572: Use after free in MediaStream.

Brave 1.57.57
30th August 2023
ref: https://brave.com/latest/

See above link for more info..
Various general and two security issues fixed whilst elevating the browser baseline to Chromium 116.0.5845.163

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 116.0.5845.179/ 180
5th September 2023
Ref: https://chromereleases.googleblog.com/

(Abbreviated) Security Fixes:

RATED HIGH:
CVE-2023-4761: Out of bounds memory access in FedCM.
CVE-2023-4762: Type Confusion in V8
CVE-2023-4763: Use after free in Networks.
CVE-2023-4764: Incorrect security UI in BFCache.

Brave 1.57.62
6th September 2023
Ref: https://brave.com/latest/

Upgraded to Chromium 116.0.5845.180

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Update Chrome ASAP! Critical security issue exploited in the wild

Google released an emergency security update for its Chrome web browser that addresses a critical security issue that is exploited in the wild.

Chrome users are encouraged to update the stable version of the web browser to the new version immediately to protect the browser against potential attacks…

Chrome on Linux or Mac systems: 116.0.5845.187
Chrome on Windows devices: 116.0.5845.187 or 116.0.5845.188
Chrome Extended Stable for Mac: 116.0.5845.187
Chrome Extended Stable for Windows: 116.0.5845.188

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html

[$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06..

Google Chrome Portable 116.0.5845.188

1 user thanked author for this post.

Microfix

Reply | Quote

Google Chrome Portable 117.0.5938.63 Stable

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html

Chrome 117.0.5938.62 (Linux and Mac), 117.0.5938.62/.63( Windows) contains a number of fixes and improvements — a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 117.

This update includes 16 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06

[$3000][1430867] Medium CVE-2023-4900: Inappropriate implementation in Custom Tabs. Reported by Levit Nudi from Kenya on 2023-04-06

[$3000][1459281] Medium CVE-2023-4901: Inappropriate implementation in Prompts. Reported by Kang Ali on 2023-06-29

[$2000][1454515] Medium CVE-2023-4902: Inappropriate implementation in Input. Reported by Axel Chong on 2023-06-14

[$1000][1446709] Medium CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs. Reported by Ahmed ElMasry on 2023-05-18

[$1000][1453501] Medium CVE-2023-4904: Insufficient policy enforcement in Downloads. Reported by Tudor Enache @tudorhacks on 2023-06-09

[$500][1441228] Medium CVE-2023-4905: Inappropriate implementation in Prompts. Reported by Hafiizh on 2023-04-29

[$6000][1449874] Low CVE-2023-4906: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry on 2023-05-30

[$2000][1462104] Low CVE-2023-4907: Inappropriate implementation in Intents. Reported by Mohit Raj (shadow2639) on 2023-07-04

[$TBD][1451543] Low CVE-2023-4908: Inappropriate implementation in Picture in Picture. Reported by Axel Chong on 2023-06-06

[$TBD][1463293] Low CVE-2023-4909: Inappropriate implementation in Interstitials. Reported by Axel Chong on 2023-07-09..

1 user thanked author for this post.

Microfix

Reply | Quote

Chrome 117.0.5938.88 for Mac and Linux
117.0.5938.88/.89 for Windows

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_15.html

1 user thanked author for this post.

Microfix

Reply | Quote

Google Chrome Portable 117.0.5938.89 Stable

Reply | Quote

Brave 1.58.127

*Upgraded Chromium to 117.0.5938.88. (#33052)

1 user thanked author for this post.

Microfix

Reply | Quote

Google Chrome 117.0.5938.132 (fix 0 day )

..This update includes 10 security fixes

Google is aware that an exploit for CVE-2023-5217 exists in the wild…

[$NA][1486441] High CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx. Reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-09-25

[$TBD][1478889] High CVE-2023-5186: Use after free in Passwords. Reported by [pwn2car] on 2023-09-05

[$2000][1475798] High CVE-2023-5187: Use after free in Extensions. Reported by Thomas Orlita on 2023-08-25..

1 user thanked author for this post.

Microfix

Reply | Quote

GoogleChromePortable64_117.0.5938.132

GoogleChromePortable_117.0.5938.132

Reply | Quote

Brave 1.58.135
August 28th 2023
Ref: https://brave.com/latest/

Added Argentina, France, and Germany content feed support for Brave News. (#33251 & #32416). Upgraded Chromium to 117.0.5938.140. (#33282)
Changelog for 117.0.5938.140

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 118.0.5993.70 released
10th October 2023
Resource: https://chromereleases.googleblog.com/

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update plugs 20 security holes, see above link for more details.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave v1.59.117 released
11th Oct 2023
Ref: https://brave.com/latest/
Update with bug and security fixes see link for details.
Upgraded Chromium to 118.0.5993.70

More info available over on ghacks.net by Martin Binkmann:
https://www.ghacks.net/2023/10/12/brave-browser-1-59-is-here-with-security-and-crash-fixes/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 119 fixes 15 security issues and privacy changes

Google published a new stable version of its Chrome web browser for all supported operating systems. Chrome 119 is a security update first and foremost, but it does introduce new features and capabilities as well. Noteworthy are options to save, restore and sync tab groups, deprecation and removal of WebSQL and a dedicated setting for the Permission Suggestions Service…

https://chromereleases.googleblog.com/

Reply | Quote

Google Chrome Portable LegacyWin7 64_109.0.5414.120

Google Chrome Portable LegacyWin7_109.0.5414.120

Reply | Quote

FYI

1) These Google Chrome Portable 109.0.5414.120 were actually released back in January-February 2023 and the last to support Windows 7 / 8/8.1 and Windows Server 2012 and 2012 R2 :

https://www.askwoody.com/forums/topic/chrome-brave-browser-updates/#post-2528117

https://www.askwoody.com/forums/topic/windows-7-chrome-portable-legacy-109-0-5414-120/

https://support.google.com/chrome/thread/185534985/sunsetting-support-for-windows-7-8-8-1-and-windows-server-2012-and-2012-r2-in-early-2023?hl=en

2) I believe they are only meant for use with these legacy Windows systems and NOT Windows 10 and above as they do not have the latest security fixes.

HTH.

Reply | Quote

Brave v1.60.110

* Added Brave Leo – AI for questions and answers

Reply | Quote

Google Chrome 120 update fixes 9 security issues

..Here is the list of disclosed vulnerabilities:

[$16000][1501326] High CVE-2023-6702: Type Confusion in V8. Reported by Zhiyi Zhang and Zhunki from Codesafe Team of Legendsec at Qi’anxin Group on 2023-11-10

[$7000][1502102] High CVE-2023-6703: Use after free in Blink. Reported by Cassidy Kim(@cassidy6564) on 2023-11-14

[$7000][1504792] High CVE-2023-6704: Use after free in libavif. Reported by Fudan University on 2023-11-23

[$7000][1505708] High CVE-2023-6705: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-11-28

[$6000][1500921] High CVE-2023-6706: Use after free in FedCM. Reported by anonymous on 2023-11-09

[$7000][1504036] Medium CVE-2023-6707: Use after free in CSS. Reported by @ginggilBesel on 2023-11-21..

GoogleChromePortable64_120.0.6099.110_online.paf.exe

GoogleChromePortable_120.0.6099.110_online.paf.exe

Reply | Quote

https://chromereleases.googleblog.com/2023/12/stable-channel-update-for-desktop_20.html

120.0.6099.129 for Mac,Linux and 120.0.6099.129/130 to Windows

This update includes 1 security fix (0 day)

High CVE-2023-7024: Heap buffer overflow in WebRTC. Reported by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group on 2023-12-19

Google is aware that an exploit for CVE-2023-7024 exists in the wild.

Reply | Quote

Google Chrome Portable 120.0.6099.130

Reply | Quote

https://blog.google/products/chrome/google-chrome-december-2023-update/

…A more personalized and proactive Safety Check

Safety Check for Chrome on desktop will now run automatically in the background. You’ll get proactively alerted if passwords saved in Chrome have been compromised, any of your extensions are potentially harmful, you’re not using the latest version of Chrome, or site permissions need your attention. These alerts will appear in the three-dot menu in Chrome so you can take action.

We’re also extending Safety Check to revoke sites’ permissions — like access to your location or microphone — if you haven’t visited them in a long time. And Safety Check will now flag if you’re getting a lot of notifications from sites you don’t engage with that much, so you can easily disable them…

Reply | Quote

21 December 2023:
Brave 1.61.109 released

Fixed crash when closing tabs on macOS in certain cases. (#34909)

Upgraded Chromium to 120.0.6099.144. (#34988) (Changelog for 120.0.6099.144)

https://brave.com/latest/

Windows - commercial by definition and now function...

2 users thanked author for this post.

Paul, Alex5723

Reply | Quote

Google Chrome 120.0.6099.200

Release notes

[$15000][1501798] High CVE-2024-0222: Use after free in ANGLE. Reported by Toan (suto) Pham of Qrious Secure on 2023-11-13
[$15000][1505009] High CVE-2024-0223: Heap buffer overflow in ANGLE. Reported by Toan (suto) Pham and Tri Dang of Qrious Secure on 2023-11-24
[$10000][1505086] High CVE-2024-0224: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-25
[$TBD][1506923] High CVE-2024-0225: Use after free in WebGPU. Reported by Anonymous on 2023-12-01

Google Chrome Portable 120.0.6099.200

Reply | Quote

Brave 1.61.114

“Fixed uninstall process affecting Brave VPN on Windows. (#35006)
Upgraded Chromium to 120.0.6099.199. (#35108)”

Brave Portable 1.61.109

Reply | Quote

Google Chrome 120.0.6099.217

[$TBD][1513379] High CVE-2024-0333: Insufficient data validation in Extensions. Reported by Malcolm Stagg (@malcolmst) of SODIUM-24, LLC on 2023-12-20

Google Chrome Portable 120.0.6099.217

https://sourceforge.net/projects/portableapps/files/Google%20Chrome%20Portable/GoogleChromePortable64_120.0.6099.217_online.paf.exe/download

https://sourceforge.net/projects/portableapps/files/Google%20Chrome%20Portable/GoogleChromePortable_120.0.6099.217_online.paf.exe/download

Reply | Quote

Chrome 120.0.6099.225 released.
16th January 2024
(Fixes in-the-wild ZERO-DAY!)

Ref: https://chromereleases.googleblog.com/search/label/Stable%20updates

Abbreviated:

High CVE-2024-0517: Out of bounds write in V8
High CVE-2024-0518: Type Confusion in V8
High CVE-2024-0519: Out of bounds memory access in V8

Patch ASAP!

Windows - commercial by definition and now function...

2 users thanked author for this post.

Alex5723, pmcjr6142

Reply | Quote

Google Chrome Portable 120.0.6099.225 Stable

Reply | Quote

Brave 1.61.120
January 17th 2024
Ref: https://brave.com/latest/

Upgraded Chromium to 120.0.6099.234

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 121.0.6167.86, 121.0.6167.85

[$11000][1505080] High CVE-2024-0807: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2023-11-25
[$9000][1484394] High CVE-2024-0812: Inappropriate implementation in Accessibility. Reported by Anonymous on 2023-09-19
[$6000][1504936] High CVE-2024-0808: Integer underflow in WebUI. Reported by Lyra Rebane (rebane2001) on 2023-11-24
[$2000][1496250] Medium CVE-2024-0810: Insufficient policy enforcement in DevTools. Reported by Shaheen Fazim on 2023-10-26
[$1000][1463935] Medium CVE-2024-0814: Incorrect security UI in Payments. Reported by Muneaki Nishimura (nishimunea) on 2023-07-11
[$1000][1477151] Medium CVE-2024-0813: Use after free in Reading Mode. Reported by @retsew0x01 on 2023-08-30
[$1000][1505176] Medium CVE-2024-0806: Use after free in Passwords. Reported by 18楼梦想改造家 on 2023-11-25
[TBD][1514925] Medium CVE-2024-0805: Inappropriate implementation in Downloads. Reported by Om Apip on 2024-01-01
[TBD][1515137] Medium CVE-2024-0804: Insufficient policy enforcement in iOS Security UI. Reported by Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) on 2024-01-03
[N/A][1494490] Low CVE-2024-0811: Inappropriate implementation in Extensions API. Reported by Jann Horn of Google Project Zero on 2023-10-21
[TBD][1497985] Low CVE-2024-0809: Inappropriate implementation in Autofill. Reported by Ahmed ElMasry on 2023-10-31
[1520680] Various fixes from internal audits, fuzzing and other initiatives

Release notes

https://chromium.googlesource.com/chromium/src/+log/120.0.6099.225..121.0.6167.86?pretty=fuller&n=10000

Reply | Quote

Google added 3 AI features to Chrome 121

https://www.ghacks.net/2024/01/24/chrome-121-ships-with-security-updates-and-new-ai-tools/

Tab Organizer
AI theme creation
AI-assisted writing

Reply | Quote

“only available to a limited number of users from the United States who are signed-in to the browser.”

Reply | Quote

The following registry entries will disable those 3 AI features.

Code:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Google\Chrome]
"CreateThemesSettings"=dword:00000002
"HelpMeWriteSettings"=dword:00000002
"TabOrganizerSettings"=dword:00000002

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Policies\Google\Chrome]
"CreateThemesSettings"=dword:00000002
"HelpMeWriteSettings"=dword:00000002
"TabOrganizerSettings"=dword:00000002

Simply copy the above text, save it as a .reg file, and merge it to apply them.

1 user thanked author for this post.

Alex5723

Reply | Quote

n0ads wrote:

The following registry entries will disable those 3 AI features

I am not going to ‘contaminate’ Windows OS registry to block features that should have been blocked in chrome://flags/ settings.

Reply | Quote

Alex5723 wrote:

AI-assisted writing

“Help me write” (which isn’t mentioned in that ghacks article) doesn’t arrive for anyone until next month.

Reply | Quote

Google Chrome Portable64_121.0.6167.86

Google Chrome Portable_121.0.6167.86

Reply | Quote

Brave 1.62.153
25th January 2024
Extensive Release Notes:
https://brave.com/latest/

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 121.0.6167.140/139

[$5000][1511567] High CVE-2024-1060: Use after free in Canvas. Reported by Anonymous on 2023-12-14
[$3000][1514777] High CVE-2024-1059: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2023-12-29
[N/A][1511085] High CVE-2024-1077: Use after free in Network. Reported by Microsoft Security Research Center on 2023-12-13
[1523290] Various fixes from internal audits, fuzzing and other initiatives

GoogleChromePortable64_121.0.6167.140

GoogleChromePortable_121.0.6167.140

Reply | Quote

Brave 1.62.156

Release notes

1 user thanked author for this post.

Microfix

Reply | Quote

Google Chrome Portable 121.0.6167.161

The Stable channel has been updated to 121.0.6167.160 for Mac and Linux and 121.0.6167.160/161 to Windows

“This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$5000][41494539] High CVE-2024-1284: Use after free in Mojo. Reported by Anonymous on 2024-01-25

[$TBD][41494860] High CVE-2024-1283: Heap buffer overflow in Skia. Reported by Jorge Buzeti (@r3tr074) on 2024-01-25

[324073667] Various fixes from internal audits, fuzzing and other initiatives”

Reply | Quote

Brave 1.62.162

“Fixed signing Solana DApp transactions using Ledger. (#35802)
Upgraded Chromium to 121.0.6167.164. (#35844) (Changelog for 121.0.6167.164)”

Reply | Quote

Google Chrome 121.0.6167.184/185 / 120.0.6099.291

This update includes 1 security fix.
[325069765] Various fixes from internal audits, fuzzing and other initiatives

Reply | Quote

Google Chrome Portable64_121.0.6167.185

Google Chrome Portable_121.0.6167.185

Reply | Quote

Brave 1.62.165

Release notes

Reply | Quote

Chrome 122.0.6261.57/.58

This update includes 12 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$7000][41495060] High CVE-2024-1669: Out of bounds memory access in Blink. Reported by Anonymous on 2024-01-26

[$5000][41481374] High CVE-2024-1670: Use after free in Mojo. Reported by Cassidy Kim(@cassidy6564) on 2023-12-06

[$8000][41487933] Medium CVE-2024-1671: Inappropriate implementation in Site Isolation. Reported by Harry Chen on 2024-01-03

[$3000][41485789] Medium CVE-2024-1672: Inappropriate implementation in Content Security Policy. Reported by Georg Felber (TU Wien) & Marco Squarcina (TU Wien) on 2023-12-19

[$2000][41490491] Medium CVE-2024-1673: Use after free in Accessibility. Reported by Weipeng Jiang (@Krace) of VRI on 2024-01-11

[$1000][40095183] Medium CVE-2024-1674: Inappropriate implementation in Navigation. Reported by David Erceg on 2019-05-27

[$1000][41486208] Medium CVE-2024-1675: Insufficient policy enforcement in Download. Reported by Bartłomiej Wacko on 2023-12-21

[$1000][40944847] Low CVE-2024-1676: Inappropriate implementation in Navigation. Reported by Khalil Zhani on 2023-11-21

[326063910] Various fixes from internal audits, fuzzing and other initiatives

Google Chrome Portable64_122.0.6261.58

Google Chrome Portable_122.0.6261.58

Reply | Quote

Chrome 122.0.6261.69/.70

Google Chrome Portable64_122.0.6261.70

Google Chrome Portable_122.0.6261.70

Reply | Quote

Brave 1.63.161

Release notes

Reply | Quote

Chrome 122.0.6261.94 for Mac,Linux and 122.0.6261.94/.95 to Windows

This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$7000][324596281] High : Type Confusion in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8 on 2024-02-11

[$7000][323694592] High : Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2024-02-05

[326980493] Various fixes from internal audits, fuzzing and other initiatives

Reply | Quote

Google Chrome Portable 122.0.6261.95

Reply | Quote

Brave 1.63.165

Release notes

Reply | Quote

Google Chrome 122.0.6261.111/.112 for Windows and Mac and 122.0.6261.111 to Linux

This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$12000][325893559] High CVE-2024-2173: Out of bounds memory access in V8. Reported by 5fceb6172bbf7e2c5a948183b53565b9 on 2024-02-19

[$7000][325866363] High CVE-2024-2174: Inappropriate implementation in V8. Reported by 5f46f4ee2e17957ba7b39897fb376be8 on 2024-02-19

[$6000][325936438] High CVE-2024-2176: Use after free in FedCM. Reported by Anonymous on 2024-02-20

Reply | Quote

Google Chrome Portable64_122.0.6261.112

Google Chrome Portable_122.0.6261.112

Reply | Quote

Brave 1.63.169

Release notes

Reply | Quote

Google Chrome 122.0.6261.128/.129

[TBD][327696052] High CVE-2024-2400: Use after free in Performance Manager. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on 2024-03-01

Reply | Quote

Google Chrome Portable64_122.0.6261.129

Google Chrome Portable_122.0.6261.129

Reply | Quote

Google Chrome Portable 123.0.6312.59

https://chromereleases.googleblog.com/

”
This update includes 12 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[TBD][327740539] High CVE-2024-2625: Object lifecycle issue in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2024-03-01

[$10000][40945098] Medium CVE-2024-2626: Out of bounds read in Swiftshader. Reported by Cassidy Kim(@cassidy6564) on 2023-11-22

[$4000][41493290] Medium CVE-2024-2627: Use after free in Canvas. Reported by Anonymous on 2024-01-21

[$3000][41487774] Medium CVE-2024-2628: Inappropriate implementation in Downloads. Reported by Ath3r1s on 2024-01-03

[$2000][41487721] Medium CVE-2024-2629: Incorrect security UI in iOS. Reported by Muneaki Nishimura (nishimunea) on 2024-01-02

[$1000][41481877] Medium CVE-2024-2630: Inappropriate implementation in iOS. Reported by James Lee (@Windowsrcer) on 2023-12-07

[$2000][41495878] Low CVE-2024-2631: Inappropriate implementation in iOS. Reported by Ramit Gangwar on 2024-01-29

[330304003] Various fixes from internal audits, fuzzing and other initiatives”

https://www.ghacks.net/2024/03/20/google-chrome-123-launches-with-security-fixes-and-google-update-changes-on-windows/

Reply | Quote

Brave 1.64.109

Change Log

Brave Portable 1.63.169

Reply | Quote

Google Chrome 123.0.6312.86/87

“Google Chrome 123.0.6312.86 fixes:

[$10000][327807820] Critical CVE-2024-2883: Use after free in ANGLE. Reported by Cassidy Kim(@cassidy6564) on 2024-03-03
[TBD][328958020] High CVE-2024-2885: Use after free in Dawn. Reported by wgslfuzz on 2024-03-11
[N/A][330575496] High CVE-2024-2886: Use after free in WebCodecs. Reported by Seunghyun Lee (@0x10n) of KAIST Hacking Lab, via Pwn2Own 2024 on 2024-03-21
[N/A][330588502] High CVE-2024-2887: Type Confusion in WebAssembly. Reported by Manfred Paul, via Pwn2Own 2024 on 2024-03-21
[331221727] Various fixes from internal audits, fuzzing and other initiatives”

Reply | Quote

Brave 1.64.113

Release notes

Reply | Quote

Google Chrome Portable64_123.0.6312.106

Google Chrome Portable_123.0.6312.106

Another Google Chrome 0-day vulnerability fixed: update asap

0-day JavaScript vulnerability
The vulnerability was shown to the public during the Pwn2Own hacking contest in March 2024 for the first time. Demoed by security researchers Edouard Bochin and Tao Yan, the researchers managed to exploit Chrome and also Microsoft Edge during the competition using the exploit.

https://chromereleases.googleblog.com/

123.0.6312.105/.106/.107 for Windows and Mac and 123.0.6312.105 to Linux

This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$7000][329130358] High CVE-2024-3156: Inappropriate implementation in V8. Reported by Zhenghang Xiao (@Kipreyyy) on 2024-03-12

[$3000][329965696] High CVE-2024-3158: Use after free in Bookmarks. Reported by undoingfish on 2024-03-17

[N/A][330760873] High CVE-2024-3159: Out of bounds memory access in V8. Reported by Edouard Bochin (@le_douds) and Tao Yan (@Ga1ois) of Palo Alto Networks, via Pwn2Own 2024 on 2024-03-22

Reply | Quote

Chrome 123.0.6312.122/.123 for Windows 123.0.6312.122/.123/.124 for Mac and 123.0.6312.122 to Linux

“This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$21000][331237485] High CVE-2024-3157: Out of bounds write in Compositing. Reported by DarkNavy on 2024-03-26

[$10000][328859176] High CVE-2024-3516: Heap buffer overflow in ANGLE. Reported by Bao (zx) Pham and Toan (suto) Pham of Qrious Secure on 2024-03-09

[$10000][331123811] High CVE-2024-3515: Use after free in Dawn. Reported by wgslfuzz on 2024-03-25”

Google Chrome Portable64_123.0.6312.123

Google Chrome Portable_123.0.6312.123

Reply | Quote

Brave 1.64.122

Release notes

Reply | Quote

Google Chrome Portable64_124.0.6367.79

Google Chrome Portable_124.0.6367.79

https://chromereleases.googleblog.com/

“The Stable channel has been updated to 124.0.6367.78/.79 for Windows and Mac and 124.0.6367.78 to Linux”

“The Extended Stable channel has been updated to 124.0.6367.78/.79 for Windows and Mac”

This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$16000][332546345] Critical CVE-2024-4058: Type Confusion in ANGLE. Reported by Toan (suto) Pham and Bao (zx) Pham of Qrious Secure on 2024-04-02

[TBD][333182464] High CVE-2024-4059: Out of bounds read in V8 API. Reported by Eirik on 2024-04-08

[TBD][333420620] High CVE-2024-4060: Use after free in Dawn. Reported by wgslfuzz on 2024-04-09

Reply | Quote

Brave 1.65.122

Release notes

Reply | Quote

https://www.neowin.net/software/google-chrome-1240636792-offline-installer/

Google Chrome 124.0.6367.92

* Couldn’t find release notes.

Reply | Quote

Brave 1.65.123

Release notes

Reply | Quote

Google Chrome Portable64_124.0.6367.119

Google Chrome Portable_124.0.6367.119

https://chromereleases.googleblog.com/

The Stable channel has been updated to 124.0.6367.118/.119 for Windows, Mac and 124.0.6367.118 for Linux which will roll out over the coming days/weeks.

This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$3000][335003891] High CVE-2024-4331: Use after free in Picture In Picture. Reported by Zhenghang Xiao (@Kipreyyy) on 2024-04-16

[TBD][333508731] High CVE-2024-4368: Use after free in Dawn. Reported by wgslfuzz on 2024-04-09

Reply | Quote

Google Chrome 124.0.6367.156
The Stable channel has been updated to 124.0.6367.155/.156 for Mac and Windows and 124.0.6367.155 for Linux

The Extended Stable channel has been updated to 124.0.6367.155 for Mac

This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[TBD][337766133] High CVE-2024-4558: Use after free in ANGLE. Reported by gelatin dessert on 2024-04-29

[TBD][331369797] High CVE-2024-4559: Heap buffer overflow in WebAudio. Reported by Cassidy Kim(@cassidy6564) on 2024-03-26

Reply | Quote

Google Chrome Portable64_124.0.6367.156

Google Chrome Portable_124.0.6367.156

Reply | Quote

Brave 1.65.130

Release notes

Reply | Quote

Google Chrome 124.0.6367.202

The Stable channel has been updated to 124.0.6367.201/.202 for Mac and Windows and 124.0.6367.201 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.

The Extended Stable channel has been updated to 124.0.6367.201 for Mac and Windows which will roll out over the coming days/weeks.

This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[N/A][339266700] High CVE-2024-4671: Use after free in Visuals. Reported by Anonymous on 2024-05-07

Google is aware that an exploit for CVE-2024-4671 exists in the wild.

Reply | Quote

Google Chrome Portable64_124.0.6367.202

Google Chrome Portable_124.0.6367.202

Reply | Quote

Brave 1.65.132

Release notes

Reply | Quote

Google Chrome 125.0.6422.61

The Chrome team is delighted to announce the promotion of Chrome 125 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks.
Chrome 125.0.6422.60 (Linux) 125.0.6422.60/.61( Windows, Mac) contains a number of fixes and improvements

This update includes 9 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[TBD][340221135] High CVE-2024-4947: Type Confusion in V8. Reported by Vasily Berdnikov (@vaber_b) and Boris Larin (@oct0xor) of Kaspersky on 2024-05-13

[TBD][333414294] High CVE-2024-4948: Use after free in Dawn. Reported by wgslfuzz on 2024-04-09

[$7000][326607001] Medium CVE-2024-4949: Use after free in V8. Reported by Ganjiang Zhou(@refrain_areu) of ChaMd5-H1 team on 2024-02-24

[$1000][40065403] Low CVE-2024-4950: Inappropriate implementation in Downloads. Reported by Shaheen Fazim on 2023-06-06

Google is aware that an exploit for CVE-2024-4947 exists in the wild.

[340880302] Various fixes from internal audits, fuzzing and other initiatives

Reply | Quote

Google Chrome Portable_125.0.6422.61

Google Chrome Portable64_125.0.6422.61

Reply | Quote

Google Chrome 125.0.6422.77

“The Stable channel has been updated to 125.0.6422.76/.77 for Windows, Mac and 125.0.6422.76 for Linux

This update includes 6 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$11000][336012573] High CVE-2024-5157: Use after free in Scheduling. Reported by Looben Yang on 2024-04-21

[$10000][338908243] High CVE-2024-5158: Type Confusion in V8. Reported by Zhenghang Xiao (@Kipreyyy) on 2024-05-06

[$5000][335613092] High CVE-2024-5159: Heap buffer overflow in ANGLE. Reported by David Sievers (@loknop) on 2024-04-18

[TBD][338161969] High CVE-2024-5160: Heap buffer overflow in Dawn. Reported by wgslfuzz on 2024-05-01”

Reply | Quote

Google Chrome 125.0.6422.113

“The Stable channel has been updated to 125.0.6422.112/.113 for Windows, Mac and 125.0.6422.112 for Linux

This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[N/A][341663589] High CVE-2024-5274: Type Confusion in V8. Reported by Clément Lecigne of Google’s Threat Analysis Group and Brendon Tiszka of Chrome Security on 2024-05-20

Google is aware that an exploit for CVE-2024-5274 exists in the wild.”

Reply | Quote

Google Chrome Portable 125.0.6422.113

Reply | Quote

Chrome 125.0.6422.141/.142

“The Stable channel has been updated to 125.0.6422.141/.142 for Windows, Mac and 125.0.6422.141 for Linux

This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$7000][339877165] High CVE-2024-5493: Heap buffer overflow in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2024-05-11

[TBD][338071106] High CVE-2024-5494: Use after free in Dawn. Reported by wgslfuzz on 2024-05-01

[TBD][338103465] High CVE-2024-5495: Use after free in Dawn. Reported by wgslfuzz on 2024-05-01

[TBD][338929744] High CVE-2024-5496: Use after free in Media Session. Reported by Cassidy Kim(@cassidy6564) on 2024-05-06

[TBD][339061099] High CVE-2024-5497: Out of bounds memory access in Keyboard Inputs. Reported by zh1x1an1221 of Ant Group Tianqiong Security Lab on 2024-05-07

[TBD][339588211] High CVE-2024-5498: Use after free in Presentation API. Reported by anymous on 2024-05-09

[TBD][339877167] High CVE-2024-5499: Out of bounds write in Streams API. Reported by anonymous on 2024-05-11″

Google Chrome Portable64_125.0.6422.142

Google Chrome Portable_125.0.6422.142

Reply | Quote

Brave 1.66.118

Release notes

Brave Portable 1.65.126

Reply | Quote

Chrome 126.0.6478.54 (Linux) 126.0.6478.56/57( Windows, Mac) contains a number of fixes and improvements
Chrome 126.0.6478.56/57( Windows, Mac) has been pushed to extended stable channel as well

“This update includes 21 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[$25000][342456991] High CVE-2024-5830: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2024-05-24
[$10000][339171223] High CVE-2024-5831: Use after free in Dawn. Reported by wgslfuzz on 2024-05-07
[$10000][340196361] High CVE-2024-5832: Use after free in Dawn. Reported by wgslfuzz on 2024-05-13
[$7000][342602616] High CVE-2024-5833: Type Confusion in V8. Reported by @ginggilBesel on 2024-05-24
[$5000][342840932] High CVE-2024-5834: Inappropriate implementation in Dawn. Reported by gelatin dessert on 2024-05-26
[$3000][341991535] High CVE-2024-5835: Heap buffer overflow in Tab Groups. Reported by Weipeng Jiang (@Krace) of VRI on 2024-05-22
[TBD][341875171] High CVE-2024-5836: Inappropriate Implementation in DevTools. Reported by Allen Ding on 2024-05-21
[TBD][342415789] High CVE-2024-5837: Type Confusion in V8. Reported by Anonymous on 2024-05-23
[TBD][342522151] High CVE-2024-5838: Type Confusion in V8. Reported by Zhenghang Xiao (@Kipreyyy) on 2024-05-24
[$100115][340122160] Medium CVE-2024-5839: Inappropriate Implementation in Memory Allocator. Reported by Micky on 2024-05-13
[$5000][41492103] Medium CVE-2024-5840: Policy Bypass in CORS. Reported by Matt Howard on 2024-01-17
[$2000][326765855] Medium CVE-2024-5841: Use after free in V8. Reported by Cassidy Kim(@cassidy6564) on 2024-02-26
[$1000][40062622] Medium CVE-2024-5842: Use after free in Browser UI. Reported by Sven Dysthe (@svn_dy) on 2023-01-12
[$500][333940412] Medium CVE-2024-5843: Inappropriate implementation in Downloads. Reported by hjy79425575 on 2024-04-12
[TBD][331960660] Medium CVE-2024-5844: Heap buffer overflow in Tab Strip. Reported by Sri on 2024-04-01
[TBD][340178596] Medium CVE-2024-5845: Use after free in Audio. Reported by anonymous on 2024-05-13
[TBD][341095523] Medium CVE-2024-5846: Use after free in PDFium. Reported by Han Zheng (HexHive) on 2024-05-16
[TBD][341313077] Medium CVE-2024-5847: Use after free in PDFium. Reported by Han Zheng (HexHive) on 2024-05-18″

Google Chrome Portable 126.0.6478.57 Stable

Reply | Quote

Google Chrome 126.0.6478.62

The Stable channel has been updated to 126.0.6478.61/.62 for Windows, Mac and 126.0.6478.61 for Linux which will roll out over the coming days/weeks

Reply | Quote

Google Chrome 126.0.6478.115

“The Stable channel has been updated to 126.0.6478.114/115 for Windows, Mac and 126.0.6478.114 for Linux which will roll out over the coming days/weeks.

This update includes 6 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$20000][344608204] High CVE-2024-6100: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) participating in SSD Secure Disclosure’s TyphoonPWN 2024 on 2024-06-04
[$7000][343748812] High CVE-2024-6101: Inappropriate implementation in WebAssembly. Reported by @ginggilBesel on 2024-05-31
[TBD][339169163] High CVE-2024-6102: Out of bounds memory access in Dawn. Reported by wgslfuzz on 2024-05-07
[TBD][344639860] High CVE-2024-6103: Use after free in Dawn. Reported by wgslfuzz on 2024-06-04”

Google Chrome Portable64_126.0.6478.115

Google Chrome Portable_126.0.6478.115

Reply | Quote

Brave 1.67.119

Release notes

Reply | Quote

Google Chrome 126.0.6478.127

“The Stable channel has been updated to 126.0.6478.126/127 for Windows, Mac and 126.0.6478.126 for Linux which will roll out over the coming days/weeks

This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers.

[$10000][342428008] High CVE-2024-6290: Use after free in Dawn. Reported by wgslfuzz on 2024-05-23
[$4000][40942995] High CVE-2024-6291: Use after free in Swiftshader. Reported by Cassidy Kim(@cassidy6564) on 2023-11-15
[TBD][342545100] High CVE-2024-6292: Use after free in Dawn. Reported by wgslfuzz on 2024-05-24
[TBD][345993680] High CVE-2024-6293: Use after free in Dawn. Reported by wgslfuzz on 2024-06-09”

Reply | Quote

Google Chrome Portable64_126.0.6478.127

Google Chrome Portable_126.0.6478.127

Reply | Quote

Brave 1.67.123

Release notes

Reply | Quote

Google Chrome 127.0.6533.73 for Windows, Mac and 127.0.6533.72 for Linux

This update includes 24 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$11000][349198731] High CVE-2024-6988: Use after free in Downloads. Reported by lime(@limeSec_) from TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-06-25

[$8000][349342289] High CVE-2024-6989: Use after free in Loader. Reported by Anonymous on 2024-06-25

[TBD][346618785] High CVE-2024-6991: Use after free in Dawn. Reported by wgslfuzz on 2024-06-12

[TBD][349653220] High CVE-2024-6992: Out of bounds memory access in ANGLE. Reported by Xiantong Hou of Wuheng Lab and Pisanbao on 2024-06-27

[TBD][349903568] High CVE-2024-6993: Inappropriate implementation in Canvas. Reported by Anonymous on 2024-06-30

[$8000][339686368] Medium CVE-2024-6994: Heap buffer overflow in Layout. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2024-05-10

[$6000][343938078] Medium CVE-2024-6995: Inappropriate implementation in Fullscreen. Reported by Alesandro Ortiz on 2024-06-01

[$5000][333708039] Medium CVE-2024-6996: Race in Frames. Reported by Louis Jannett (Ruhr University Bochum) on 2024-04-10

[$3000][325293263] Medium CVE-2024-6997: Use after free in Tabs. Reported by Sven Dysthe (@svn-dys) on 2024-02-15

[$2000][340098902] Medium CVE-2024-6998: Use after free in User Education. Reported by Sven Dysthe (@svn-dys) on 2024-05-13

[$2000][340893685] Medium CVE-2024-6999: Inappropriate implementation in FedCM. Reported by Alesandro Ortiz on 2024-05-15

[$500][339877158] Medium CVE-2024-7000: Use after free in CSS. Reported by Anonymous on 2024-05-11

[TBD][347509736] Medium CVE-2024-7001: Inappropriate implementation in HTML. Reported by Jake Archibald on 2024-06-17

[$2000][338233148] Low CVE-2024-7003: Inappropriate implementation in FedCM. Reported by Alesandro Ortiz on 2024-05-01

[TBD][40063014] Low CVE-2024-7004: Insufficient validation of untrusted input in Safe Browsing. Reported by Anonymous on 2023-02-10

[TBD][40068800] Low CVE-2024-7005: Insufficient validation of untrusted input in Safe Browsing. Reported by Umar Farooq on 2023-08-04..

Google Chrome Portable64_127.0.6533.73

Google Chrome Portable_127.0.6533.73

Reply | Quote

Brave 1.68.128 all platforms

Release notes

Reply | Quote

Brave 1.68.131 all platforms

Release notes (Windows only)

Reply | Quote

Google Chrome: security update fixes 38 issues, including one that is actively exploited

Google released security updates for Google Chrome on various platforms today. The update fixes a total of 38 unique security issues in the web browser. To make matters worse, one patches a 0-day exploit that is already used in attacks…

most security issues affect other Chromium-based browsers as well…

The update fixes 38 security issues in Chrome.
7 of the publicly reported issues are rated high, the second highest rating after critical.
The issue that is exploited in the wild is CVE-2024-7971. It was reported by Microsoft.
Google confirms the use in the wild in the post: “Google is aware that an exploit for CVE-2024-7971 exists in the wild.”…

Google Chrome Portable64_128.0.6613.85

Google Chrome Portable_128.0.6613.85

Reply | Quote

Brave 1.69.153 all platforms

Release notes

Reply | Quote

Brave v1.70.126 released (October 9th)
Release Notes:
https://brave.com/latest/

Fixed issue where unchecking the “Show on startup” checkbox of the profile picker was not being retained. (#41194)

Fixed toggling on “Enable AdGuard” under brave://settings/extensions/*v2 was installing the MV3 version of the AdGuard Blocker extension.(#41173)

Upgraded Chromium to 129.0.6668.100.

* my bolding emphasis for people who use the AdGuard Extension with Brave.

Windows - commercial by definition and now function...

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave Release v1.71.112 (Chromium 130.0.6723.44)

Reply | Quote

Brave 1.71.118 (Chromium 130.0.6723.70)

Portable

Release notes

Reply | Quote

Brave 1.73.89

Reply | Quote

Brave 1.73.97 (Chromium 131.0.6778.108)

Releases / release notes

Reply | Quote

Release v1.73.104 (Chromium 131.0.6778.204)

Reply | Quote

Brave 1.73.105 (Chromium 131.0.6778.265)

Reply | Quote

Chrome 132.0.6834.83 (Linux) 132.0.6834.83/84( Windows, Mac)

..This update includes 16 security fixes:

[$7000][374627491] High CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme on 2024-10-21

[$7000][379652406] High CVE-2025-0435: Inappropriate implementation in Navigation. Reported by Alesandro Ortiz on 2024-11-18

[$3000][382786791] High CVE-2025-0436: Integer overflow in Skia. Reported by Han Zheng (HexHive) on 2024-12-08

[$2000][378623799] High CVE-2025-0437: Out of bounds read in Metrics. Reported by Xiantong Hou of Wuheng Lab and Pisanbao on 2024-11-12

[TBD][384186539] High CVE-2025-0438: Stack buffer overflow in Tracing. Reported by Han Zheng (HexHive) on 2024-12-15

[$5000][371247941] Medium CVE-2025-0439: Race in Frames. Reported by Hafiizh on 2024-10-03

[$5000][40067914] Medium CVE-2025-0440: Inappropriate implementation in Fullscreen. Reported by Umar Farooq on 2023-07-22

[$2000][368628042] Medium CVE-2025-0441: Inappropriate implementation in Fenced Frames. Reported by someoneverycurious on 2024-09-21

[$2000][40940854] Medium CVE-2025-0442: Inappropriate implementation in Payments. Reported by Ahmed ElMasry on 2023-11-08

[$1000][376625003] Medium CVE-2025-0443: Insufficient data validation in Extensions. Reported by Anonymous on 2024-10-31

[$1000][359949844] Low CVE-2025-0446: Inappropriate implementation in Extensions. Reported by Hafiizh on 2024-08-15

[$1000][375550814] Low CVE-2025-0447: Inappropriate implementation in Navigation. Reported by Khiem Tran (@duckhiem) on 2024-10-25

[$1000][377948403] Low CVE-2025-0448: Inappropriate implementation in Compositing. Reported by Dahyeon Park on 2024-11-08..

Reply | Quote

Brave v1.74.50 (Chromium 132.0.6834.111)

Reply | Quote

Release v1.74.51 (Chromium 132.0.6834.160)

Reply | Quote

Brave Release v1.75.180 (Chromium 133.0.6943.126)

Reply | Quote

Brave 1.75.181 (Chromium 133.0.6943.141)

Reply | Quote

Brave 1.76.73 (Chromium 134.0.6998.45)

Reply | Quote

Brave v1.76.80 (Chromium 134.0.6998.118)

Reply | Quote

Brave 1.76.81 (Chromium 134.0.6998.166)

Reply | Quote

Brave 1.77.95 (Chromium 135.0.7049.52)

Reply | Quote

Brave 1.77.97 (Chromium 135.0.7049.84)

Reply | Quote

Brave Release v1.77.101 (Chromium 135.0.7049.115) all platforms

Reply | Quote