Critical Google Chrome 136 Audio Bug Lets Hackers Remotely Install Malware
Google has had a busy week on the cybersecurity front; there's no doubt about that. The product update team has already confirmed and released a patch for an Android no user interaction attack that is being exploited in the wild, and Google's security operations team has detailed how a new Lumma Stealer variant is deploying captcha lures to grab Windows passwords. With the Google Chrome browser only just hitting the highly anticipated version 136 milestone, there's already a confirmed and critical security vulnerability that could lead to hackers remotely executing malicious code on your machine if successful. Here's what you need to know about the audio-related CVE-2025-4372 security bug. Forbes Warning — 19 Billion Compromised Passwords Have Been Published Online By Davey Winder
Let's get the severity-rating elephant in the room out of the way before going into any further detail. Vendors such as Google and Microsoft like to apply their own severity ratings to vulnerabilities, often at odds with the generally accepted Common Vulnerabilities and Exposures determination. The whole point of giving a vulnerability a CVE number and associated rating is for users, especially security teams, to be able to get an at-a-glance understanding of the likely implications of an exploit and so assist with the patch management process. So, when vendors issue ratings that are most often lower than the official CVE ones, it's confusing and, in my never humble opinion, far from helpful. CVE-2025-4372 has an official base rating of 9.8 to 10, depending on whether you apply version 2 or 3 of the rating classification system. Things don't get much more critical than this, yet Google rates it as a medium-severity issue. Go figure.
OK, severity semantics out of the way, the fact remains that this is a nasty security vulnerability that Google has rushed out an update patch to fix. There's a good reason for this; if exploited, it could lead to the remote execution of malicious code. Although there is no evidence of CVE-2025-4372 being exploited by attackers at this stage, don't expect that status quo to exist for long. Requiring no user privileges to exploit, and relatively minor user interaction of visiting a malicious web page, the use-after-free memory vulnerability sits within Chrome's WebAudio application programming interface.
Update Google Chrome now. Davey Winder
The Google Chrome security update takes the browser to versions 136.0.7103.92/.93 for Windows and Mac, while Linux moves to version 136.0.7103.92. There's also an Android update taking this version to 136.0.7103.87. All users are advised to kickstart the Chrome update process by visiting the Help|About Google Chrome menu option. Google has stated that the update will roll out automatically across the coming days and weeks. Forbes Google's Gmail Password Attack Warning — You Have Just 7 Days To Act By Davey Winder
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Time Business News
30 minutes ago
- Time Business News
Google Pay Officially Launches in Bangladesh Through City Bank and Global Tech Partners
Dhaka, Bangladesh – The digital transaction landscape in Bangladesh has taken a significant leap forward as Google Wallet, commonly known as Google Pay, has been officially launched in the country. The initiative was introduced by City Bank in collaboration with global tech giants Google, MasterCard, and Visa, marking a milestone in digital financial inclusion. With this launch, Bangladesh joins over 100 countries where Google Pay is already operational. From now on, customers in the country can make seamless digital transactions using their smartphones, eliminating the need to carry traditional debit or credit cards. How It Works City Bank has outlined that customers must download the Google Pay app on an Android smartphone equipped with NFC (Near Field Communication) technology—a feature present in most modern smartphones. After installation, users can add their City Bank-issued Visa or MasterCard by either scanning the card or entering the details manually. Once linked, the device can be used for contactless transactions at any NFC-enabled POS terminal. For payments below BDT 5,000, no password is needed. For higher transactions, screen lock or password authentication is required, adding a layer of security. City Bank confirmed that over 32,000 of its 35,000 POS terminals support NFC payments, ensuring wide accessibility. Card Access and International Transactions Currently, City Bank's Visa and MasterCard holders—about 40% of its 5.7 million debit and credit card customers—can use Google Pay. Work is underway to include American Express (Amex) cardholders as well. Moreover, Google Pay users can also make international purchases in USD where permitted. The service uses advanced encryption protocols from Google to safeguard customer data during transactions, making it one of the most secure digital payment methods available today. Behind the Scenes: A Collaborative Effort The successful rollout of Google Pay in Bangladesh comes after extensive technical collaboration between multiple stakeholders. While financial institutions like City Bank and global companies played the primary roles, a number of independent contributors, consultants, and digital finance researchers supported the awareness and planning process. Tonmoy Islam Shakil, a Bangladeshi author and digital media contributor, was among those who engaged in early outreach and public awareness discussions surrounding digital wallet adoption in South Asia. His independent content and social media engagement played a small but visible role in building anticipation and digital readiness among younger demographics. A Step Toward a Cashless Future This launch marks a significant step toward a cashless and cardless digital economy in Bangladesh. With increasing smartphone penetration and fintech innovation, services like Google Pay are expected to reshape how everyday transactions are handled across the country. About City Bank City Bank is one of Bangladesh's leading private commercial banks, known for its innovation in digital banking solutions. It has over 1.2 million debit card users and 4.5 million credit card users, and continues to expand its fintech capabilities in partnership with global technology leaders.
Yahoo
34 minutes ago
- Yahoo
New AI tool is better than doctors at diagnosing complicated medical issues, Microsoft says
Microsoft said it is one step closer to 'medical superintelligence' after a new artificial intelligence (AI) tool beat doctors at diagnosing complex medical problems. Tech giants are racing to develop superintelligence, which refers to an AI system that exceeds human intellectual abilities in every way – and they're promising to use it to upend healthcare systems around the world. For the latest experiment, Microsoft tested an AI diagnostic system against 21 experienced physicians, using real-world case studies from 304 patients that were published in the New England Journal of Medicine, a leading medical journal. The AI tool correctly diagnosed up to 85.5 per cent of cases – roughly four times more than the group of doctors from the United Kingdom and the United States, who had between five and 20 years of experience. Related As AI reshapes patient care, human nurses are pushing back against its creeping influence The model was also cheaper than human doctors, ordering fewer scans and tests to reach the correct diagnosis, the analysis found. Microsoft said the findings indicate that AI models can reason through complex diagnostic problems that stump physicians, who specialise in their fields but are not experts in every aspect of medicine. However, AI 'can blend both breadth and depth of expertise, demonstrating clinical reasoning capabilities that, across many aspects of clinical reasoning, exceed those of any individual physician,' Microsoft executives said in a press release. 'This kind of reasoning has the potential to reshape healthcare'. Microsoft does not see AI replacing doctors anytime soon, saying the tools will instead help physicians automate some routine tasks, personalise patients' treatment, and speed up diagnoses. Microsoft's AI system made diagnoses by mimicking a doctor's process of collecting a patient's details, ordering tests, and eventually narrowing down a medical diagnosis. A 'gatekeeper agent' had information from the patient case studies. It interacted with a 'diagnostic orchestrator' that asked questions and ordered tests, receiving results from the real-world workups. Related Is AI going to steal your job? Probably not, new study finds The company tested the system with leading AI models, including GPT, Llama, Claude, Gemini, Grok, and DeepSeek. OpenAI's o3 model, which is integrated into ChatGPT, correctly solved 85.5 per cent of the patient cases, compared to an average of 20 per cent among the group of 21 experienced doctors. The researchers published their findings online as a preprint article, meaning it has not yet been peer-reviewed. Microsoft also acknowledged some key limitations, notably that the AI tool has only been tested for complicated health problems, not more common, everyday issues. Related AI to shape EU health policymaking without new rules The panel of doctors also worked without access to their colleagues, textbooks, or other tools that they might typically use when making diagnoses. 'This was done to enable a fair comparison to raw human performance,' Microsoft said. The company called for more real-world evidence on AI's potential in health clinics, and said it will 'rigorously test and validate these approaches' before making them more widely available.
Tom's Guide
an hour ago
- Tom's Guide
5 reasons I still love my Xbox — even if the hardware is 'dead'
Laura Fryer, one of Xbox's founding members, recently declared that "Xbox hardware is dead." As someone who helped create the original Xbox and produced Gears of War, her words carry weight. She argues that Microsoft is slowly exiting the hardware business, pushing everyone toward Game Pass while partnerships like the ROG Ally Xbox edition signal a retreat from traditional consoles. I get it. The writing seems to be on the wall, and Microsoft's strategy does appear focused on services over hardware. But here's the thing — I still love my Xbox, and I'm not ready to declare its hardware dead just yet. While the future might be uncertain, there are compelling reasons why my Xbox remains an essential part of my gaming setup, regardless of what corporate strategies suggest. Yes, Microsoft wants everyone on Game Pass, and Fryer acknowledges the service has "a lot of value." That's an understatement. Game Pass has fundamentally changed how I discover and play games. Instead of agonizing over $70 purchases, I can try dozens of games I'd never have risked buying. I've discovered indie gems, played day-one releases of major titles, and revisited classics all for one monthly fee. The service makes gaming feel more experimental and less precious. When I'm not invested financially in each individual game, I'm more willing to try different genres, give weird indie titles a shot, or jump into multiplayer games with friends. Whether this is Microsoft's master plan or not, the end result is that I'm playing more diverse games than ever before, and that's genuinely valuable regardless of hardware politics. Microsoft's push toward "Xbox Anywhere" might feel like marketing fluff, but the practical benefits are real. I can start a game on my Xbox, continue it on my PC, and even pick it up on my phone through cloud gaming. My saves sync automatically, my achievements carry over, and my friends list spans every device I own. This isn't theoretical convenience, it's something I use regularly. When someone else wants the TV, I can seamlessly switch to my laptop. When I'm traveling, I can continue my progress through cloud gaming. The ecosystem integration that Microsoft has built works so well that going back to platform-locked gaming feels antiquated. Even if the Xbox hardware disappears tomorrow, this foundation makes the platform valuable. Voted the best budget headset in our gaming headsets buying guide, the Arctis 1 Wireless costs less than $100 boasts excellent wireless connectivity, and sound quality is way better than you'd expect at this price. Hardware might be "dead" according to industry insiders, but the Xbox controller represents decades of refinement that's hard to replicate. The build quality, ergonomics, and button layout feel perfect after years of iteration. The triggers have just the right resistance, the analog sticks hit the sweet spot between precision and comfort, and the overall weight distribution feels natural during long gaming sessions. More importantly, Xbox controller compatibility extends far beyond Xbox consoles. It works seamlessly with PC games, cloud gaming services, and even mobile gaming. If Microsoft's future really is hardware-agnostic, then perfecting the controller was smart long-term thinking. A sophisticated yet affordable pad that has rear paddles, hall effect sensors and hair triggers and ll for less than $50. It looks fantastic and has a long cable to accommodate for couchplay. Its lightweight design also feels great. While other platforms focus on remasters and re-releases, Xbox has quietly built the most comprehensive backward compatibility program in gaming. I can play original Xbox games from 2001 on my current console, often with enhanced performance and visual improvements. My digital library stretches back over two decades, and it all works on current hardware. This backward compatibility represents real value that transcends hardware generations. Even if Microsoft moves away from traditional consoles, they've demonstrated a commitment to preserving gaming history that makes me confident my game library will remain accessible. That's not something you can say about every platform, and it makes my Xbox feel less like a disposable device and more like a long-term investment. Despite all the industry drama and strategic pivots, my Xbox still does what I bought it for: it plays games really well. Load times are fast, performance is consistent, and the user interface gets out of the way. I can jump into multiplayer matches quickly, browse my massive Game Pass library efficiently, and switch between games without frustration. Whether Microsoft views Xbox as a hardware business or a services business doesn't change the fact that my current console provides an excellent gaming experience. The games look great, run smoothly, and the overall system feels polished and responsive. Until that changes, I'm not particularly concerned about corporate strategy or industry predictions. Laura Fryer might be right about Xbox hardware's long-term prospects, and Microsoft's shift toward services over consoles seems undeniable. But from where I'm sitting, my Xbox continues to provide exceptional value through Game Pass, seamless ecosystem integration, and a gaming experience that works exactly as advertised. Maybe the future of Xbox doesn't include dedicated hardware. Maybe we're all heading toward a streaming-first, device-agnostic gaming world. But right now, in 2025, my Xbox delivers on its promises. Whether that makes me nostalgic for a dying platform or an early adopter of Microsoft's real vision, I honestly don't care. I'm having too much fun gaming to worry about it.
