Hi everyone! We've just released Chrome Beta 131 (131.0.6778.22) for iOS; it'll become available on App Store in the next few days.
You can see a partial list of the changes in the Git log. If you find a new issue, please let us know by filing a bug.
Harry SoudersGoogle Chrome
The Beta channel has been updated to 131.0.6778.24 for Windows, Mac and Linux.
A partial list of changes is available in the Git log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
Prudhvi BommanaGoogle Chrome
Hi everyone! We've just released Chrome Beta 131 (131.0.6778.22) for Android. It's now available on Google Play.
You can see a partial list of the changes in the Git log. For details on new features, check out the Chromium blog, and for details on web platform updates, check here.
If you find a new issue, please let us know by filing a bug.
Hello All,
The Beta channel has been updated to 131.0.6778.17 (Platform version: 16063.13.0) for most ChromeOS devices.
If you find new issues, please let us know one of the following ways:
Google ChromeOS.
The Stable channel is being updated to OS version: 16033.43.0 Browser version: 130.0.6723.84 for most ChromeOS devices.
If you find new issues, please let us know one of the following ways
Interested in switching channels? Find out how.
Security Fixes and Rewards
ChromeOS Vulnerability Rewards Program Reported Bug Fixes:
N/A
Other 3rd Party Security Fixes Included:
High Fixes CVE-2024-7006 in libtiff
Medium Fixes CVE-2024-47076 CVE-2024-47175 CVE-2024-47176 CVE-2024-47177 in CUPS
Android Security fixes can be found here
Chrome Browser Security Fixes:
[$4000.0] [368672129] MEDIUM CVE-2024-9959: Use after free in DevTools. Reported by Sakana.S on 2024-09-21
[$36000.0] [367755363] HIGH CVE-2024-9954:Use after free in AI. Reported by DarkNavy on 2024-09-18
[$TBD] [367734947] HIGH CVE- DCHECK failure in base_.kind() == JAVA_SCRIPT in frames.h on 2024-09-17
[$TBD] [366635354] HIGH CVE- V8 correctness failure in sources: 1e - Missing TypeError in inlined js-to-wasm wrapper for ref extern on 2024-09-14
[$1000.0] [364773822] LOW CVE-2024-9966 Inappropriate implementation in Navigations. Reported by Harry Chen on 2024-09-05
[TBD][375123371] CRITICAL CVE-2024-10487: Out of bounds write in Dawn. Reported by Apple Security Engineering and Architecture (SEAR) on 2024-10-23[TBD][374310077] HIGH CVE-2024-10488: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2024-10-18[TBD][371011220] HIGH CVE-2024-10229: Inappropriate implementation in Extensions. Reported by Vsevolod Kokorin (Slonser) of Solidlab on 2024-10-02
[TBD][371565065] HIGH CVE-2024-10230: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-10-05
[TBD][372269618] HIGH CVE-2024-10231: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-10-09
[$1000.0] [364508693] MEDIUM CVE-2024-9962 : Inappropriate implementation in Permissions. Reported by Shaheen Fazim on 2024-09-04
[$3000.0] [361711121] LOW CVE-2024-9964 : Inappropriate implementation in Payments. Reported by Hafiizh on 2024-08-23
[$2000.0] [354748063] MEDIUM CVE-2024-9960: Use after free in Dawn. Reported by Anonymous on 2024-07-23
[$TBD] [328278718] MEDIUM CVE-2024-9963 : Insufficient data validation in Downloads. Reported by st4nly0n on 2024-03-06
[$5000.0] [40076120] MEDIUM CVE-2024-9958 Inappropriate implementation in PictureInPicture. Reported by Lyra Rebane (rebane2001) on 2023-11-02
Giuliana Pritchard
Google ChromeOS
Hi, everyone! We've just released Chrome 130 (130.0.6723.86) for Android to a small percentage of users. It'll become available on Google Play over the next few days. You can find more details about early Stable releases here.
Hi everyone! We've just released Chrome Stable 130 (130.0.6723.90) for iOS; it'll become available on App Store in the next few hours.
This release includes stability and performance improvements. You can see a full list of the changes in the Git log. If you find a new issue, please let us know by filing a bug.
Erhu AkpobaroGoogle Chrome
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[TBD][375123371] Critical CVE-2024-10487: Out of bounds write in Dawn. Reported by Apple Security Engineering and Architecture (SEAR) on 2024-10-23
[TBD][374310077] High CVE-2024-10488: Use after free in WebRTC. Reported by Cassidy Kim(@cassidy6564) on 2024-10-18
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.
A new LTS-126 version 126.0.6478.256 (Platform Version: 15886.81.0), has rolled out for most ChromeOS devices.
The Dev channel has been updated to 132.0.6793.2 for Windows, Mac and Linux.
Srinivas SistaGoogle Chrome
Hi everyone! We've just released Chrome Dev 132 (132.0.6793.3) for Android. It's now available on Google Play.
Krishna GovindGoogle Chrome
The Beta channel is being updated to OS version: 16033.38.0, Browser version: 130.0.6723.79 for most ChromeOS devices.
Giuliana Pritchard,
The Beta channel has been updated to 131.0.6778.13 for Windows, Mac and Linux.
Hi everyone! We've just released Chrome Beta 131 (131.0.6778.12) for iOS; it'll become available on App Store in the next few days.
Hi everyone! We've just released Chrome Beta 131 (131.0.6778.14) for Android. It's now available on Google Play.
Hi everyone! We've just released Chrome Stable 130 (130.0.6723.78) for iOS; it'll become available on App Store in the next few hours.
Hi, everyone! We've just released Chrome 130 (130.0.6723.73) for Android to a small percentage of users. It'll become available on Google Play over the next few days. You can find more details about early Stable releases here.
This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[TBD][371011220] High CVE-2024-10229: Inappropriate implementation in Extensions. Reported by Vsevolod Kokorin (Slonser) of Solidlab on 2024-10-02
[TBD][371565065] High CVE-2024-10230: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-10-05
[TBD][372269618] High CVE-2024-10231: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-10-09
The Stable channel is being updated to OS version: 16002.60.0 Browser version: 129.0.6668.112 for most ChromeOS devices.
Matt NelsonGoogle ChromeOS
The Dev channel has been updated to 132.0.6779.0 for Windows, Mac and Linux.
The Beta channel is being updated to OS version: 16033.32.0, Browser version: 130.0.6723.63 for most ChromeOS devices.
Hi everyone! We've just released Chrome Dev 132 (132.0.6779.0) for Android. It's now available on Google Play.
The Dev channel has been updated to 131.0.6778.0 (Platform version: 16063.2.0) for most ChromeOS devices.
Hi everyone! We've just released Chrome Beta 131 (131.0.6778.2) for Android. It's now available on Google Play.
The Chrome team is excited to announce the promotion of Chrome 131 to the Beta channel for Windows, Mac and Linux. Chrome 131.0.6778.3 contains our usual under-the-hood performance and stability tweaks, but there are also some cool new features to explore - please head to the Chromium blog to learn more!
Hi everyone! We've just released Chrome Beta 131 (131.0.6778.2) for iOS; it'll become available on App Store in the next few days.
The Stable channel is being updated to OS version: 16002.58.0 Browser version: 129.0.6668.110 for most ChromeOS devices.
A new LTS-126 version 126.0.6478.255 (Platform Version: 15886.80.0), is being rolled out for most ChromeOS devices.
Hi, everyone! We've just released Chrome 130 (130.0.6723.58) for Android to a small percentage of users. It'll become available on Google Play over the next few days. You can find more details about early Stable releases here.
The Stable channel has been updated to 130.0.6723.58/.59 for Windows, Mac and 130.0.6723.58 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.
The Extended Stable channel has been updated to 130.0.6723.59 for Windows and Mac which will roll out over the coming days/weeks.
As usual, our ongoing internal security work was responsible for a wide range of fixes:
This update includes 17 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.
[$36000][367755363] High CVE-2024-9954: Use after free in AI. Reported by DarkNavy on 2024-09-18
[$6000][370133761] Medium CVE-2024-9955: Use after free in Web Authentication. Reported by anonymous on 2024-09-29
[$6000][370482421] Medium CVE-2024-9956: Inappropriate implementation in Web Authentication. Reported by mastersplinter on 2024-09-30
[$5000][358151317] Medium CVE-2024-9957: Use after free in UI. Reported by lime(@limeSec_) and fmyy(@binary_fmyy) From TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-08-08
[$5000][40076120] Medium CVE-2024-9958: Inappropriate implementation in PictureInPicture. Reported by Lyra Rebane (rebane2001) on 2023-11-02
[$4000][368672129] Medium CVE-2024-9959: Use after free in DevTools. Reported by Sakana.S on 2024-09-21
[$2000][354748063] Medium CVE-2024-9960: Use after free in Dawn. Reported by Anonymous on 2024-07-23
[$2000][357776197] Medium CVE-2024-9961: Use after free in Parcel Tracking. Reported by lime(@limeSec_) and fmyy(@binary_fmyy) From TIANGONG Team of Legendsec at QI-ANXIN Group on 2024-08-06
[$1000][364508693] Medium CVE-2024-9962: Inappropriate implementation in Permissions. Reported by Shaheen Fazim on 2024-09-04
[TBD][328278718] Medium CVE-2024-9963: Insufficient data validation in Downloads. Reported by st4nly0n on 2024-03-06
[$3000][361711121] Low CVE-2024-9964: Inappropriate implementation in Payments. Reported by Hafiizh on 2024-08-23
[$1000][352651673] Low CVE-2024-9965: Insufficient data validation in DevTools. Reported by Shaheen Fazim on 2024-07-12
[$1000][364773822] Low CVE-2024-9966: Inappropriate implementation in Navigations. Reported by Harry Chen on 2024-09-05
[373456817] Various fixes from internal audits, fuzzing and other initiatives
Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL.
