Google fixes several high severity vulnerabilities in its Chrome 128.0.6613.84/.85 Stable Channel update

Hello everyone,

Chrome Stable Channel has been updated to 128.0.6613.84/.85 for Windows and Mac and 128.0.6613.84 for Linux. This update comes with 38 security fixes. The details of the vulnerabilities fixed are mentioned below:

CVE ID	Vulnerability	Severity
CVE-2024-7964	Use after free in Passwords	High
CVE-2024-7965	Inappropriate implementation in V8	High
CVE-2024-7966	Out of bounds memory access in Skia	High
CVE-2024-7967	Heap buffer overflow in Fonts	High
CVE-2024-7968	Use after free in Autofill	High
CVE-2024-7969	Type Confusion in V8	High
CVE-2024-7971	Type Confusion in V8	High
CVE-2024-7972	Inappropriate implementation in V8	Medium
CVE-2024-7973	Heap buffer overflow in PDFium	Medium
CVE-2024-7974	Insufficient data validation in V8 API	Medium
CVE-2024-7975	Inappropriate implementation in Permissions	Medium
CVE-2024-7976	Inappropriate implementation in FedCM	Medium
CVE-2024-7977	Insufficient data validation in Installer	Medium
CVE-2024-7978	Insufficient policy enforcement in Data Transfer	Medium
CVE-2024-7979	Insufficient data validation in Installer	Medium
CVE-2024-7980	Insufficient data validation in Installer	Medium
CVE-2024-7981	Inappropriate implementation in Views	Low
CVE-2024-8033	Inappropriate implementation in WebApp Installs	Low
CVE-2024-8034	Inappropriate implementation in Custom Tabs	Low
CVE-2024-8035	Inappropriate implementation in Extensions	Low

To install this update on your Windows / Mac machines, initiate a sync between the Central Patch Repository and the Vulnerability Manager Plus server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

Patch details

Patch ID	Bulletin ID	Patch description
340846	TU-017	Google Chrome (128.0.6613.84, 128.0.6613.85)
340846	TU-017	Google Chrome (128.0.6613.84, 128.0.6613.85)
608395	MAC-012	Google Chrome For Mac (128.0.6613.84, 128.0.6613.85)