Why you should update Chrome and Firefox right now

2 hours ago 2
gettyimages-1782552220-1
Eugene Mymrin/Getty Images

Whether you use Chrome, Firefox, or both, it's once again time to update your browser. Yes, these constant updates can be a hassle, but sometimes they really are necessary or can at least give you helpful new features. So what's new in the latest editions of these two?

What's new in Chrome

Released on Tuesday for Windows, MacOS, and Linux, Chrome version 130.0.6723.91/.92 includes fixes for two security vulnerabilities. One is considered Critical, while the other is rated High.

Also: Chrome adds a quick-fix tool to speed up your browser with a single click

The critical bug dubbed CVE-2024-10487 is described as an "Out of bounds write in Dawn," meaning a remote attacker could have performed out-of-bounds memory access via a crafted HTML page. 

What does all that mean? Dawn is an open-source implementation that Chrome adopts for WebGPU, an API that lets webpages use your PC's graphics processing unit. With this unpatched vulnerability, an attacker could exploit a webpage to run their malicious code.

The ironic part here is that the bug was discovered by researchers at Apple's Security Engineering and Architecture, who brought it to Google's attention. With all the rivalry between Apple and Google, it's nice to know that they do watch each other's backs to our mutual benefit.

Also: Google's new AI course will teach you to write more effective prompts

The bug rated High, designated CVE-2024-10488, is described as a "Use after free in WebRTC," which allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. WebRTC is an open-source project that lets browsers and mobile apps share audio, video, and data via APIs without needing third-party plugins. With this bug, a hacker could have exploited free memory to launch an attack.

How to update Chrome

To update Chrome on your desktop, click the three-dot icon in the upper right, move to Help, and select About Google Chrome. The browser will download and install the latest update, and then prompt you to restart it.

What's new in Firefox

Now for Firefox. Also released on Tuesday, Firefox version 132 patches 11 security holes. Two of them are rated High, six are Moderate, and three are Low.

Also: 3 ways to take back control of your Windows storage

One bug rated High is CVE-2024-10459, which would have allowed an attacker to crash a program through which they could then run malicious code. The other vulnerability considered High and designated as CVE-2024-10458 could have enabled an attacker to transfer sensitive permissions from a trusted site to an untrusted one.

Beyond security fixes, there's more to the latest Firefox. On the eve of the 20th anniversary of its browser, which launched on November 9, 2004, Mozilla has added a few extras to the new edition.

With Microsoft's PlayReady encrypted media playback now rolling out across the web, Firefox is launching 1080p playback as a baseline and 4K Ultra HD support for key streaming services. According to Mozilla, the benefit is that there's less battery drain and better performance when streaming movies and TV shows from different services.

How to update Firefox

Click the three-line icon, select Help, and then click About Firefox. The latest version will be installed, after which you'll be prompted to restart the browser.

Also: Why you don't need to pay for antivirus software anymore

Third-party cookies are still a persistent and annoying problem on the web. Firefox now automatically blocks such cookies when Enhanced Tracking Protection's Strict mode is enabled. Offering three different levels, Enhanced Tracking Protection aims to protect you against social media trackers, cross-site cookies, crypto miners, fingerprinters, and other threats.

To check or change your level, click the three-line icon at the upper right, select Settings, and then go to Privacy & Security. You can choose among Standard, Strict, and Custom levels.

Read Entire Article