Jump to content
  • Google Chrome 107 Stable out with 10 security fixes


    Karlston

    • 303 views
    • 3 minutes
     Share


    • 303 views
    • 3 minutes

    Google released a new stable version of the company's Chrome web browser yesterday. The Chrome 107 update patches 10 different security issues in the web browser.

     

    chrome-107-security-update.png

     

    Chrome desktop installations should receive the update automatically over the coming days and weeks. Administrators may speed up the upgrade by updating the browser manually.

     

    To do that, it is necessary to open chrome://settings/help in the browser's address bar (you may also reach the internal page via Menu > Help > About Google Chrome). Chrome displays the current version and runs a check for updates. The browser should pick up the update at this point and install it automatically.

     

    Chrome is up to date if the following version is listed on the page (it depend on the operating system)

     

    • Mac: 107.0.5304.110
    • Linux: 107.0.5304.110
    • Windows: 107.0.5304.106/.107

     

    The new Chrome release fixes 10 different security issues in the browser. Google discloses externally reported vulnerabilities only to the public. For this particular update, six of the ten vulnerabilities are listed by Google. These are:

     

    1. [$21000][1377816] High CVE-2022-3885: Use after free in V8. Reported by gzobqq@ on 2022-10-24
    2. [$10000][1372999] High CVE-2022-3886: Use after free in Speech Recognition. Reported by anonymous on 2022-10-10
    3. [$7000][1372695] High CVE-2022-3887: Use after free in Web Workers. Reported by anonymous on 2022-10-08
    4. [$7000][1375059] High CVE-2022-3888: Use after free in WebCodecs. Reported by Peter Nemeth on 2022-10-16
    5. [$TBD][1380063] High CVE-2022-3889: Type Confusion in V8. Reported by anonymous on 2022-11-01
    6. [$TBD][1380083] High CVE-2022-3890: Heap buffer overflow in Crashpad. Reported by anonymous on 2022-11-01

     

    All six security vulnerabilities have a severity rating of high, second only to vulnerabilities rated as critical. Google does not mention that any of the vulnerabilities are exploited in the wild at the time of releasing the update. Still, most administrators may want to update the browser as soon as possible to protect it from potential attacks.

     

    Google released an update for the Android version of Chrome as well. The Android release includes the same security fixes as the desktop update according to Google. There has been no mention of an update for Chrome's Extended Stable channel.

     

    Expect other Chromium-based browser developers to release updates for their browsers as well in the coming days.

     

    Now You: do you run Google Chrome or another Chromium-based browser?

     

     

     

    Google Chrome 107 Stable out with 10 security fixes

     

    Frontpaged:   Google Chrome 107.0.5304.107


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...