Chrome for Windows, Mac, Linux Updates With 4 High-Risk Vulnerability Fixes

by Pelican Press
78 views 3 minutes read

Chrome for Windows, Mac, Linux Updates With 4 High-Risk Vulnerability Fixes

Google has released Chrome version 102.0.5005.115 for Windows, Mac, and Linux. The new release fixes a total of seven security vulnerabilities — of which, four are marked highly severe. The update is rolling out to desktop users across Windows, macOS and Linux platforms over the coming days. India’s Computer Emergency Response Team (CERT-In) and the United States Cybersecurity and Infrastructure Agency (CISA) have urged users to install the latest Chrome release on their systems to prevent the reported issues.

The four security issues that are rated with high severity are tracked as CVE-2022-2007, CVE-2022-2008, CVE-2022-2010, and CVE-2022-2011, as Google explained in a blog post.

The vulnerability that is tracked as CVE-2022-2007 is a Use-After-Free (UAF) vulnerability, which exists in the WebGPU to API and allows attackers to hack by exploiting incorrect use of dynamic memory. The CVE-2022-2008 flaw, on the other hand, results in out-of-bounds memory access in WebGL.

Chrome’s compositing component is also found to have the CVE-2022-2010 issue, which is an out-of-bounds read vulnerability. The last high-risk vulnerability, CVE-2022-2011, is a use after free flaw in ANGLE engine abstraction layer.

Although Google has detailed the four highly severe issues, it has not provided public access to the details as a large number of users are yet to bring the fix.

“We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” the company said.

In response to the public disclosure from Google, CERT-In has released a vulnerability note to urge users to install the latest update.

“Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the targeted system,” the advisory by the nodal agency said.

The CISA has also encouraged users and administrators to apply the update on their systems.

Users can check for the latest release on their Windows, Mac, and Linux systems by going to Chrome > About Google Chrome. The update can also be installed by clicking on the three-dot button from the right-most corner and then Help > About Google Chrome.


Affiliate links may be automatically generated – see our ethics statement for details.



Source link

google chrome desktop 102.0.5005.115 windows mac linux security fixes cert in cisa update google chrome,chrome 102.0.5005.115,chrome,google,windows,mac,linux
#Chrome #Windows #Mac #Linux #Updates #HighRisk #Vulnerability #Fixes

Add Comment

You may also like