Google Chrome was reported to have several security vulnerabilities with which users were prone to hacking attacks. But luckily, Google was quick and it has now released an updated Chrome version that fixes these issues. In response to this update, India’s Computer Emergency Response Team (CERT-In) and United States Cybersecurity Agency (CISA) have told users to update to the latest Chrome version. Also Read - How to turn on Dark Mode on Google Chrome
Security vulnerabilities detected on Google Chrome
As per a post by Google, there were seven security vulnerabilities in Chrome and four of which were considered critical. These vulnerabilities would allow hackers to exploit and take control of an affected system. Also Read - Google's on-device machine learning will help you block pop-ups and do a lot more
“Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code on the targeted system,” said an advisory from the nodal agency. Also Read - CERT-In flags bugs in Chrome OS, Mozilla products that can allow attackers to gain access to your data
Fortunately, Google Chrome’s new updated version with version number 102.05005.115 has fixed these issues. These issues were reported in the last few weeks and finally, Google has pushed an update for Chrome on Windows, Mac, and Linux.
While Google hasn’t revealed major details of these vulnerabilities, it has shared tracking their tracking numbers. Google tracks four of the highly severe vulnerabilities as CVE-2022-2007, CVE-2022-2008, CVE-2022-2010, and CVE-2022-2011.
The CVE-2022-2007 is a Use-After-Free (UAF) vulnerability that exists in WebGPU to API. It was first reported by David Manoucheri on 2022-05-17.
On the other hand, the CVE-2022-2008 is classified as out-of-bounds memory access in WebGL and was reported by Khangkito on 2022-04-19.
The CVE-2022-2010 is classified as Out of bounds read in compositing, while CVE-2022-2011 is classified as Use after free in ANGLE. Both were reported last month by Mark Brand of Google Project Zero and SeongHwan Park (SeHwa), respectively.
Although Google has publically listed these reported vulnerabilities in its blog post, there’s no public access to check all of their details.
CERT-In and CISA have urged users to update to the latest version of Google Chrome to prevent hacking attacks or other issues.