• October 1, 2022

Apple’s Shock MacBook Pro Decision

They’ve been up in lights, they’ve sat at the bleeding edge for the last two years, and they have upended the laptop computing market. Yet Apple looks set to make the …

Tesla Bot Optimus: Everything We Know So Far

Tesla CEO Elon Musk unveiled Optimus last night at the company’s AI Day. He had teased the Tesla robot last year at the same event by inviting an actor in a …

Warn Aging Parents About Post-Disaster Scammers

Devastating hurricanes, tornadoes, flooding, and fires, across many parts of the U.S. leave people vulnerable. Aging parents, often far away from family, are especially at risk. When disaster strikes, scammers see …

Google has warned Chrome users that multiple new vulnerabilities have been found in its browser. Fixes will roll out “over the coming days/weeks” though it is possible to protect yourself right now.

Google published the news on its official Chrome blog, confirming seven vulnerabilities, including four discovered by external researchers which it classifies as carrying a ‘High’ threat level. The vulnerabilities affect Chrome on Windows, macOS and Linux.

Google lists the four high threat vulnerabilities as:

  • High CVE-2022-2007: Use after free in WebGPU. Reported by David Manouchehri on 2022-05-17
  • High CVE-2022-2008: Out of bounds memory access in WebGL. Reported by khangkito – Tran Van Khang (VinCSS) on 2022-04-19
  • High CVE-2022-2010: Out of bounds read in compositing. Reported by Mark Brand of Google Project Zero on 2022-05-13
  • High CVE-2022-2011: Use after free in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-05-31

Google explains that “Access to bug details and links may be kept restricted until a majority of users are updated with a fix.” This is a nice way of saying the company is buying time for Chrome users to protect themselves, which is standard company policy. Both Use After Free (UAF) and Out of Bounds are related to memory management.

In response, Google has released Chrome 102.0.5005.115 and, while the company states that the roll out could take weeks, you don’t have to wait that long. To force the update immediately:

Advertisement
  1. Click the three dots in the top right corner of Chrome.
  2. Click Settings > Help > About Google Chrome.
  3. Wait for Chrome to find and install the update.
  4. When prompted, restart Chrome (this is critical).

Google has already warned users that the number of zero-day hacks (vulnerabilities which are actively exploited before they can be patched) are rising across all major platforms. And the same is true for web browsers:

So now that you have finished reading this article, go update your browser. Right now.

___

Follow Gordon on Facebook

More On Forbes

Advertisement

Leave a Reply

Your email address will not be published.