Some of the links shared in this post are affiliate links. If you click on the link and make a purchase, we will receive an affiliate commission at no additional cost to you.
The Chrome team has announced the release of Chrome 129.0.6668.58 for Linux and version 129.0.6668.58/.59 for Windows and Mac. This update will be made available to all users in stages over the coming days and weeks. It contains a number of improvements and bug fixes designed to make the browser more powerful and secure. A detailed list of changes can be found in the official change log.
Improvements and security updates
In addition to performance optimizations, Chrome 129 also brings numerous security-related updates. A total of nine security vulnerabilities have been fixed in this version, some of which have been reported by external security researchers. Of particular note is a serious vulnerability (CVE-2024-8904) in the JavaScript engine V8, which was reported by the researcher Popax21 on September 8, 2024. This vulnerability could potentially lead to the execution of malicious code and was given a “high” severity rating.
In addition, there were several vulnerabilities that were classified as “medium” or “low”. These included:
- CVE-2024-8905: Inappropriate implementation in V8, reported by Ganjiang Zhou (@refrain_areu) of the ChaMd5-H1 team. The researcher received a prize of 8,000 US dollars.
- CVE-2024-8906: Error in the security display during the download process, reported by @retsew0x01, rewarded with 2,000 US dollars.
- CVE-2024-8907: Insufficient data validation in the Omnibox, reported by Muhammad Zaid Ghifari, awarded 1,000 US dollars.
The remaining vulnerabilities, which were classified as “low”, affect the autofill function and the user interface, among other things.
Thanks to external security researchers
Google would once again like to thank the external security researchers who contributed to the discovery of these vulnerabilities. This cooperation is an important part of Chrome’s security strategy, as many bugs can be fixed in advance before they reach the stable channel. Google also uses a range of internal tools and techniques such as AddressSanitizer, MemorySanitizer and fuzzing to identify and fix security issues.
Future features and blog posts
Chrome 129 is not just a pure security update, but paves the way for major upcoming features that Google will be introducing in separate blog posts over the next few weeks. So it’s worth keeping an eye on the Chrome and Chromium blogs to find out more about the new features.
With the release of Chrome 129, Google is once again underlining its priority on security and stability. The numerous vulnerabilities that have been fixed and the improved performance make the update essential for all users. It is recommended to update the browser promptly in order to benefit from the security improvements. If you want to find out more about the new functions, you should also keep an eye on the upcoming blog posts.