Google has issued a security alert to Chrome users, advising them that many new vulnerabilities have been discovered in the browser. Fixes will be rolled out "over the following days/weeks," but you can protect yourself now.
Google announced the announcement on its official Chrome blog, disclosing seven vulnerabilities, four of which were found by outside researchers and are rated as 'High' threats. Chrome on Windows, macOS, and Linux are all affected by the flaws.
The four high-threat vulnerabilities, according to Google, are:
- High - CVE-2022-2007: In WebGPU, use after free. David Manouchehri reported it on 2022-05-17.
- CVE-2022-2008: Out-of-bounds memory access in WebGL is a high-risk vulnerability. khangkito - Tran Van Khang (VinCSS) reported this on 2022-04-19.
- High - CVE-2022-2010: Compositing read out of boundaries. Mark Brand of Google Project Zero reported on this on 2022-05-13.
- High - CVE-2022-2011: In ANGLE, use after free. SeongHwan Park (SeHwa) reported this on 2022-05-31.
"Access to problem details and links may be restricted until a majority of users have been updated with a patch," Google says. This is a kind way of indicating that the corporation is buying time for Chrome users to protect themselves, as is usual company policy. Memory management is linked to both Use After Free (UAF) and Out of Bounds.
Google has responded by releasing Chrome 102.0.5005.115, and while the firm says the rollout could take weeks, you won't have to wait that long. To force an instant update, type:
- In Chrome, click the three dots in the top right corner.
- To learn more about Google Chrome, go to Settings > Help > About Google Chrome.
- Allow Chrome to search for and install the update.
- Restart Chrome when requested (this is critical).
0 Comments