{"id":258764,"date":"2021-10-21T09:46:35","date_gmt":"2021-10-21T07:46:35","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=258764"},"modified":"2021-10-21T10:01:41","modified_gmt":"2021-10-21T08:01:41","slug":"sicherheitsupdate-auf-chrome-95-0-4638-54","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2021\/10\/21\/sicherheitsupdate-auf-chrome-95-0-4638-54\/","title":{"rendered":"Sicherheitsupdate auf Chrome 95.0.4638.54"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2021\/06\/Chrome-01.jpg\" align=\"left\" \/>[<a href=\"https:\/\/borncity.com\/win\/2021\/10\/21\/chrome-95-0-4638-54\/\" target=\"_blank\" rel=\"noopener\">English<\/a>]Google hat zum 19. Oktober 2021 ein Sicherheitsupdate des Google Chrome 95.0.4638.54\u00a0f\u00fcr Windows, Mac und Linux freigegeben. Es ist ein Sicherheitsupdate, welches als hoch bewertete Schwachstellen schlie\u00dft. Hier ein kurzer \u00dcberblick.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg07.met.vgwort.de\/na\/4dd7f347800847feb556e19b5d875bd5\" alt=\"\" width=\"1\" height=\"1\" \/>Im <a href=\"https:\/\/chromereleases.googleblog.com\/\" target=\"_blank\" rel=\"noopener\">Google-Blog<\/a> gibt es <a href=\"https:\/\/chromereleases.googleblog.com\/2021\/10\/stable-channel-update-for-desktop_19.html\" target=\"_blank\" rel=\"noopener\">diesen Beitrag<\/a> mit der kurzen Beschreibung der im Chrome 95.0.4638.54 f\u00fcr den Desktop geschlossenen Schwachstellen.<\/p>\n<ul>\n<li dir=\"ltr\">[$20000][<a href=\"https:\/\/crbug.com\/1246631\">1246631<\/a>] High CVE-2021-37981 : Heap buffer overflow in Skia. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-09-04<\/li>\n<li dir=\"ltr\">[$10000][<a href=\"https:\/\/crbug.com\/1248661\">1248661<\/a>] High CVE-2021-37982 : Use after free in Incognito. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi'anxin Group on 2021-09-11<\/li>\n<li dir=\"ltr\">[$10000][<a href=\"https:\/\/crbug.com\/1249810\">1249810<\/a>] High CVE-2021-37983 : Use after free in Dev Tools. Reported by Zhihua Yao of KunLun Lab on 2021-09-15<\/li>\n<li dir=\"ltr\">[$7500][<a href=\"https:\/\/crbug.com\/1253399\">1253399<\/a>] High CVE-2021-37984 : Heap buffer overflow in PDFium. Reported by Antti Levom\u00e4ki, Joonas Pihlaja and Christian Jalio from Forcepoint on 2021-09-27<\/li>\n<li dir=\"ltr\">[$5000][<a href=\"https:\/\/crbug.com\/1241860\">1241860<\/a>] High CVE-2021-37985 : Use after free in V8. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-08-20<\/li>\n<li dir=\"ltr\">[$6000][<a href=\"https:\/\/crbug.com\/1242404\">1242404<\/a>] Medium CVE-2021-37986 : Heap buffer overflow in Settings. Reported by raven (@raid_akame)\u00a0 on 2021-08-23<\/li>\n<li dir=\"ltr\">[$5000][<a href=\"https:\/\/crbug.com\/1206928\">1206928<\/a>] Medium CVE-2021-37987 : Use after free in Network APIs. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-08<\/li>\n<li dir=\"ltr\">[$5000][<a href=\"https:\/\/crbug.com\/1228248\">1228248<\/a>] Medium CVE-2021-37988 : Use after free in Profiles. Reported by raven (@raid_akame)\u00a0 on 2021-07-12<\/li>\n<li dir=\"ltr\">[$2000][<a href=\"https:\/\/crbug.com\/1233067\">1233067<\/a>] Medium CVE-2021-37989 : Inappropriate implementation in Blink. Reported by Matt Dyas, Ankur Sundara on 2021-07-26<\/li>\n<li dir=\"ltr\">[$N\/A][<a href=\"https:\/\/crbug.com\/1247395\">1247395<\/a>] Medium CVE-2021-37990 : Inappropriate implementation in WebView. Reported by Kareem Selim of CyShield on 2021-09-07<\/li>\n<li dir=\"ltr\">[$TBD][<a href=\"https:\/\/crbug.com\/1250660\">1250660<\/a>] Medium CVE-2021-37991 : Race in V8. Reported by Samuel Gro\u00df of Google Project Zero on 2021-09-17<\/li>\n<li dir=\"ltr\">[$TBD][<a href=\"https:\/\/crbug.com\/1253746\">1253746<\/a>] Medium CVE-2021-37992 : Out of bounds read in WebAudio. Reported by sunburst@Ant Security Light-Year Lab on 2021-09-28<\/li>\n<li dir=\"ltr\">[$TBD][<a href=\"https:\/\/crbug.com\/1255332\">1255332<\/a>] Medium CVE-2021-37993 : Use after free in PDF Accessibility. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-10-02<\/li>\n<li dir=\"ltr\">[$TBD][<a href=\"https:\/\/crbug.com\/1243020\">1243020<\/a>] Medium CVE-2021-37996 : Insufficient validation of untrusted input in Downloads. Reported by Anonymous on 2021-08-24<\/li>\n<li dir=\"ltr\">[$3000][<a href=\"https:\/\/crbug.com\/1100761\">1100761<\/a>] Low CVE-2021-37994 : Inappropriate implementation in iFrame Sandbox. Reported by David Erceg on 2020-06-30<\/li>\n<li dir=\"ltr\">[$1000][<a href=\"https:\/\/crbug.com\/1242315\">1242315<\/a>] Low CVE-2021-37995 : Inappropriate implementation in WebApp Installer. Reported by Terence Eden on 2021-08-23<\/li>\n<\/ul>\n<p>Details zur Schwachstelle werden aber keine ver\u00f6ffentlicht, bis der Gro\u00dfteil der Nutzer umgestiegen ist. Die Chrome-Version f\u00fcr Windows, Mac und Linux wird in den n\u00e4chsten Tagen \u00fcber die automatische Update-Funktion auf die Systeme ausgerollt. Die aktuelle Build des Chrome-Browsers l\u00e4sst sich auch <a href=\"https:\/\/www.google.com\/intl\/de_de\/chrome\/\" target=\"_blank\" rel=\"noopener\">hier herunterladen<\/a>. (<a href=\"https:\/\/www.deskmodder.de\/blog\/2021\/10\/20\/google-chrome-95-95-0-4638-54-korrigiert-19-sicherheitsluecken-und-weitere-aktualisierungen\/\" target=\"_blank\" rel=\"noopener\">via<\/a>)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Google hat zum 19. Oktober 2021 ein Sicherheitsupdate des Google Chrome 95.0.4638.54\u00a0f\u00fcr Windows, Mac und Linux freigegeben. Es ist ein Sicherheitsupdate, welches als hoch bewertete Schwachstellen schlie\u00dft. Hier ein kurzer \u00dcberblick.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1356,426,185],"tags":[406,4328,4315],"class_list":["post-258764","post","type-post","status-publish","format-standard","hentry","category-google-chrome-internet","category-sicherheit","category-update","tag-chrome","tag-sicherheit","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/258764","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=258764"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/258764\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=258764"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=258764"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=258764"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}