August has seen a flurry of patches released by technology giants like Microsoft, Google Chrome, and Firefox to fix serious vulnerabilities. These patches are crucial as some of the flaws are already being exploited in attacks. While there was no iPhone update from Apple, major fixes were released for enterprise software, including Ivanti, SAP, and Cisco. Microsoft's Patch Tuesday fixed numerous vulnerabilities, including ones being actively targeted. Google Chrome also issued updates, addressing high impact flaws in V8 and WebRTC. Firefox patched various vulnerabilities, some of which could lead to arbitrary code execution. Lastly, Google patched several critical vulnerabilities in its Android operating system, including RCE issues in System and Media Framework.
Apple has released emergency security updates to fix two new zero-day vulnerabilities that were exploited in attacks targeting iPhone and Mac users, bringing the total number of exploited zero-days patched this year to 13.
Google is giving its Chrome browser a makeover for its 15th birthday, with a new look based on Material You design language, refreshed icons, improved legibility, and new color palettes. Additionally, there will be better integration with operating systems, enhanced browser security, and updates to the Chrome Web Store.
Google is deprecating its standard Safe Browsing feature in Chrome and moving users to Enhanced Safe Browsing, which provides real-time phishing protection but raises privacy concerns.
Google has made its Privacy Sandbox available in the latest Chrome update, aiming to help advertisers deliver targeted ads and give users more control over their personal data. Advertisers can show ads to specific audiences and measure their campaign effectiveness, while Chrome users can customize their ad preferences for a more personalized experience.
Google is extending the update lifespan of Chromebooks to 10 years and introducing adaptive charging and an energy saver mode.
Many popular web browsers including Google Chrome, Microsoft Edge, Firefox, and Brave have issued security updates to fix a critical vulnerability that could allow malicious code to be run on users' computers.
Google has released the September security update for Pixel phones, which is still based on Android 13, addressing 32 vulnerabilities and including a Pixel-specific CVE.
Apple has released emergency security updates to fix three new zero-day vulnerabilities that were exploited to target iPhone and Mac users, bringing the total number of zero-days fixed this year to 16. The vulnerabilities allowed attackers to bypass signature validation, execute arbitrary code, and escalate privileges. The impacted devices include iPhone 8 and later, iPad mini 5th generation and later, Macs running macOS Monterey and newer, and Apple Watch Series 4 and later. The zero-days were discovered and reported by security researchers at Citizen Lab and Google's Threat Analysis Group.
Apple has released urgent security updates to patch vulnerabilities actively exploited, including flaws in WebKit, certificate validation, and kernel access, which were part of an exploit chain used to plant the Pegasus and Predator spyware.
Google has resubmitted a disclosure of a critical code-execution vulnerability, originally thought to only affect the Chrome browser, revealing that thousands of apps and software frameworks are affected by the flaw.
Google is releasing the Chrome OS 117 update for Chromebooks, introducing a Material You redesign, new notification and privacy features, Dynamic Color theming, simplified system specs access, adaptive charging, and additional functionalities.
Google has released the October 2023 security updates for Android, addressing 54 vulnerabilities, including two actively exploited flaws, with one impacting various software products and the other affecting multiple versions of Arm Mali GPU drivers on Android devices.
Google is potentially developing a way to install ChromeOS Flex on unsupported Chromebooks, according to a recent Chromium Gerrit commit, potentially extending the lifespan of these devices.
