Google Chrome 103 replace fixes 11 safety points

Google has launched a safety replace for its Chrome desktop and Android browsers. The replace brings the secure channel model of Chrome to 103.0.5060.134 on the desktop, and to 103.0.5060.129 on Android.

The safety replace is already out there. Most Chrome browsers will obtain the replace mechanically, because of the built-in automated updating performance. Chrome customers might velocity up the set up of the safety replace on desktop variations of Chrome by loading chrome://settings/assist in the browser’s deal with bar.

The present model is displayed on the web page and Chrome runs a test for updates to search out out if a brand new model is accessible. If not put in already, Chrome will obtain and set up the safety replace. A restart is required to finish the improve. The Android model of Chrome doesn’t help such an possibility, as updates are distributed completely by way of Google Play.

Google Chrome 103 safety fixes

Google revealed an article on the Chrome Releases Weblog to tell Chrome customers and directors concerning the replace. The weblog publish confirms that 11 completely different safety points are patched within the new Chrome launch. Six of those, all reported by third-party researchers, are talked about particularly on the weblog. Google doesn’t listing safety points that it discovered internally on the weblog.

The utmost severity ranking of all 11 safety points is excessive, the second highest after vital. Right here is the total listing as reported by Google:

  • [$16000][1336266] Excessive CVE-2022-2477 : Use after free in Visitor View. Reported by nameless on 2022-06-14
  • [$7500][1335861] Excessive CVE-2022-2478 : Use after free in PDF. Reported by triplepwns on 2022-06-13
  • [$3000][1329987] Excessive CVE-2022-2479 : Inadequate validation of untrusted enter in File. Reported by nameless on 2022-05-28
  • [$NA][1339844] Excessive CVE-2022-2480 : Use after free in Service Employee API. Reported by Sergei Glazunov of Google Undertaking Zero on 2022-06-27
  • [$TBD][1341603] Excessive CVE-2022-2481: Use after free in Views. Reported by YoungJoo Lee(@ashuu_lee) of CompSecLab at Seoul Nationwide College on 2022-07-04
  • [$7000][1308341] Low CVE-2022-2163: Use after free in Forged UI and Toolbar. Reported by Chaoyuan Peng (@ret2happy) on 2022-03-21
See also  A Yr after different browsers, Chrome is lastly getting a partial translate function

Google makes no point out of assaults within the wild. It’s nonetheless advisable to replace Chrome to the most recent model as quickly as potential.

Google launched the primary Chrome 103 launch earlier this month; this replace included a repair for a 0-day vulnerability that was exploited within the wild.

Now You: do you utilize Google Chrome?