Malicious Google Chrome extension collected users' data for third parties
Malicious Google Chrome extension collected users' data for third parties

Google's latest stable channel update for the Chrome browser on Windows, Mac and Linux desktop machines includes fixes for 53 security issues, including three high-severity vulnerabilities.

Issued on Jan. 24, Chrome 64.0.3282.119 addresses, among other bugs, CVE-2018-6031, a use-after-free flaw in the PDF software library PDFium; CVE-2018-6032, a same origin bypass error in Shared Worker; and CVE-2018-6033, a race condition vulnerability when opening downloaded files.

Additionally, the release includes additional protections against speculative side-channel attack techniques that exploit the CPU vulnerabilities known as Spectre and Meltdown.