{"title": "Google Deploys Emergency Chrome Patch to Address Actively Exploited Zero-Day Flaw", "body": ["Google has addressed three security flaws in the latest Chrome releases, specifically versions 143.0.7499.109/101 for Windows and macOS, along with 143.0.7499.109 for Linux. The company indicates that attackers are already taking advantage of one of these issues. The rollout of this updated Chrome edition has been postponed by a single day. Developers of other browsers built on Chromium are expected to issue their patches shortly, with Vivaldi having already distributed an update."], ["Srinivas Sista omitted the 'Security Fixes and Rewards' details from the initial Chrome Release Blog post. Such omissions have occurred multiple times in the past few weeks, including the week prior, suggesting it's more than a simple mistake. Approximately 12 hours afterward, the blog updated to include the patched issues, all of which were identified by independent security researchers."], ["Google rates one of the flaws as high severity. Details remain scarce, described only as '[466192044] High: Under coordination.' No CVE identifier has been assigned, nor any specifics on the flaw's nature or affected parts. What is confirmed is its status as a zero-day vulnerability. Further disclosures are anticipated shortly. The remaining two flaws carry medium severity ratings."], ["Google launched the major Chrome update to version 143 on December 2, following some delays, incorporating fixes for various security problems. The browser typically handles updates automatically upon availability. Users can trigger a manual check through the 'Help' menu under 'About Google Chrome.' Mobile versions have also been updated: Chrome for Android to 143.0.7499.1092 and for iOS to 143.0.7499.108, addressing the identical vulnerabilities as the desktop editions. The Extended Stable Channel for Windows and macOS now features Chromium 142.0.7499.235. Plans for Chrome 144 are not set until January 2026."], ["Producers of alternative Chromium-derived browsers face calls to expedite their updates. Microsoft Edge and Brave have transitioned to Chromium 143 and maintain security from the prior week's patches."], ["Vivaldi typically bypasses non-even Chromium releases like 143, opting for the extended stable track of the earlier version. Yet, the Vivaldi 7.7.3851.61 update, issued December 10 as a minor correction, integrates Chromium 142.0.7444.237 from the same date, which secures against all identified vulnerabilities relevant to Chromium 142."], ["Opera released browser version 125 on December 4, built on Chromium 141, which temporarily narrowed the security distance to rivals. Should the noted zero-day impact Chromium 141, Opera's team is likely to adapt the fix for that base."], ["This piece first appeared on our affiliated site PC-WELT, adapted and translated from its original German version."], ["Frank Ziemann has contributed as a freelance writer to PC-WELT since 2005, focusing on news and reviews. His expertise covers IT security topics like malware, antivirus tools, and vulnerabilities, as well as internet technologies."]}