Google has released Chrome version 102.0.505.115 for Windows, Mac and Linux. The new release fixes a total of seven security vulnerabilities – four of which are extremely serious. This update is being rolled out for desktop users on Windows, macOS and Linux platforms in the coming days. India’s Computer Emergency Response Team (CERT-In) and the United States Cyber Security and Infrastructure Agency (CISA) have urged users to install the latest Chrome release on their systems to prevent reported problems.
Four security issues of high severity are tracked by Google as CVE-2022-2007, CVE-2022-2008, CVE-2022-2010 and CVE-2022-2011. Explained In a blog post.
The vulnerability, tracked as CVE-2022-2007, is a use-after-free (UAF) vulnerability, which is present in APIs from WebGPU and allows attackers to hack by exploiting erroneous use of dynamic memory. On the other hand, the CVE-2022-2008 defect results in out-of-bounds memory access in WebGL.
The CVE-2022-2010 issue has also been found in Chrome’s compositing component, an out-of-bounds read vulnerability. The last high-risk vulnerability, CVE-2022-2011, is a use after free fault in the ANGLE Engine Abstraction Layer.
Although Google It has not provided public access to the details because of the large number of users yet to fix.
“We will also maintain the ban if a bug exists in a third-party library that other projects depend on, but have not yet been fixed,” the company said.
In response to Google’s public disclosure, CERT-In A vulnerability note has been issued urging users to install the latest update.
“Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on a target system,” the advisory from the nodal agency said.
Users can check the latest release on their windows, MacAnd Linux going to system chrome , about Google Chrome, Updates can also be installed by clicking on the three-dot button from the far right corner and then helping out , about Google Chrome,