Skip to content
Chrome updates for Windows, Mac and Linux with 4 high-risk vulnerability fixes


Google has released Chrome version 102.0.5005.115 for Windows, Mac, and Linux. The new release fixes a total of seven security vulnerabilities, four of which are marked as very serious. The update will be rolling out to desktop users on Windows, macOS, and Linux platforms over the next few days. India’s Computer Emergency Response Team (CERT-In) and the US Cybersecurity and Infrastructure Agency (CISA) have urged users to install the latest version of Chrome on their systems to avoid the reported issues.

The four security issues categorized as high severity are tracked as CVE-2022-2007, CVE-2022-2008, CVE-2022-2010, and CVE-2022-2011, as Google explained in a blog post.

The vulnerability identified as CVE-2022-2007 is a Use-After-Free (UAF) vulnerability, which exists in the WebGPU to API and allows attackers to hack by exploiting improper dynamic memory usage. The CVE-2022-2008 flaw, on the other hand, causes out-of-bounds memory access in WebGL.

Chrome’s compose component also has issue CVE-2022-2010, which is an out-of-bounds read vulnerability. The latest high-risk vulnerability, CVE-2022-2011, is a use after free flaw in the ANGLE engine abstraction layer.

Although Google detailed the four very serious issues, it did not provide public access to the details because a large number of users have not yet made the fix.

“We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but have not yet been fixed,” the company said.

In response to Google’s public disclosure, CERT-In released a vulnerability note to urge users to install the latest update.

“Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the targeted system,” the nodal agency advisory said.

CISA has also encouraged users and administrators to apply the update to their systems.

Users can check for the latest version on their Windows, Mac, and Linux systems by going to Chromium > About Google Chrome. The update can also be installed by clicking the three-dot button in the rightmost corner, then To help > About Google Chrome.


Tech

Not all news on the site expresses the point of view of the site, but we transmit this news automatically and translate it through programmatic technology on the site and not from a human editor.