{"id":259474,"date":"2021-11-16T00:02:00","date_gmt":"2021-11-15T23:02:00","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=259474"},"modified":"2021-11-15T19:34:24","modified_gmt":"2021-11-15T18:34:24","slug":"chrome-96-0-4664-45","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2021\/11\/16\/chrome-96-0-4664-45\/","title":{"rendered":"Chrome 96.0.4664.45"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2021\/06\/Chrome-01.jpg\" \/>[<a href=\"https:\/\/borncity.com\/win\/?p=22145\" target=\"_blank\" rel=\"noopener\">English<\/a>]Google hat zum 15. November 2021 ein Update des Google Chrome 96.0.4664.45f\u00fcr Windows, Mac und Linux (und Android) freigegeben. Es ist ein neuer Entwicklungszweig, welches aber auch einige Schwachstellen schlie\u00dft. Hier ein kurzer \u00dcberblick.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg08.met.vgwort.de\/na\/e23430a10ded4cdb966ff8752260d35d\" alt=\"\" width=\"1\" height=\"1\" \/>Im <a href=\"https:\/\/chromereleases.googleblog.com\/\" target=\"_blank\" rel=\"noopener\">Google-Blog<\/a> gibt es <a href=\"https:\/\/chromereleases.googleblog.com\/2021\/11\/stable-channel-update-for-desktop.html\">diesen Beitrag<\/a> mit der kurzen Beschreibung der im Chrome 96.0.4664.45 f\u00fcr den Desktop geschlossenen Schwachstellen.<\/p>\n<ul>\n<li>[$7500][1254189] High CVE-2021-38007: Type Confusion in V8. Reported by Polaris Feng and SGFvamll at Singular Security Lab on 2021-09-29<\/li>\n<li>[$7500][1263620] High CVE-2021-38008: Use after free in media. Reported by Marcin Towalski of Cisco Talos on 2021-10-26<\/li>\n<li>[$2000][1260649] High CVE-2021-38009: Inappropriate implementation in cache. Reported by Luan Herrera (@lbherrera_) on 2021-10-16<\/li>\n<li>[$TBD][1240593] High CVE-2021-38006: Use after free in storage foundation. Reported by Sergei Glazunov of Google Project Zero on 2021-08-17<\/li>\n<li>[$TBD][1241091] High CVE-2021-38005: Use after free in loader. Reported by Sergei Glazunov of Google Project Zero on 2021-08-18<\/li>\n<li>[$TBD][1264477] High CVE-2021-38010: Inappropriate implementation in service workers. Reported by Sergei Glazunov of Google Project Zero on 2021-10-28<\/li>\n<li>[$TBD][1268274] High CVE-2021-38011: Use after free in storage foundation. Reported by Sergei Glazunov of Google Project Zero on 2021-11-09<\/li>\n<li>[$15000][1262791] Medium CVE-2021-38012: Type Confusion in V8. Reported by Yonghwi Jin (@jinmo123) on 2021-10-24<\/li>\n<li>[$10000][1242392] Medium CVE-2021-38013: Heap buffer overflow in fingerprint recognition. Reported by raven (@raid_akame) on 2021-08-23<\/li>\n<li>[$5000][1248567] Medium CVE-2021-38014: Out of bounds write in Swiftshader. Reported by Atte Kettunen of OUSPG on 2021-09-10<\/li>\n<li>[$3000][957553] Medium CVE-2021-38015: Inappropriate implementation in input. Reported by David Erceg on 2019-04-29<\/li>\n<li>[$3000][1244289] Medium CVE-2021-38016: Insufficient policy enforcement in background fetch. Reported by Maurice Dauer\u00a0 on 2021-08-28<\/li>\n<li>[$2500][1256822] Medium CVE-2021-38017: Insufficient policy enforcement in iframe sandbox. Reported by NDevTK on 2021-10-05<\/li>\n<li>[$2000][1197889] Medium CVE-2021-38018: Inappropriate implementation in navigation. Reported by Alesandro Ortiz on 2021-04-11<\/li>\n<li>[$1000][1251179] Medium CVE-2021-38019: Insufficient policy enforcement in CORS. Reported by Maurice Dauer on 2021-09-20<\/li>\n<li>[$1000][1259694] Medium CVE-2021-38020: Insufficient policy enforcement in contacts picker. Reported by Luan Herrera (@lbherrera_) on 2021-10-13<\/li>\n<li>[$500][1233375] Medium CVE-2021-38021: Inappropriate implementation in referrer. Reported by Prakash (@1lastBr3ath) and Jun Kokatsu on 2021-07-27<\/li>\n<li>[$TBD][1248862] Low CVE-2021-38022: Inappropriate implementation in WebAuthentication. Reported by Michal Kepkowski on 2021-09-13<\/li>\n<\/ul>\n<p>Details zur Schwachstelle werden aber keine ver\u00f6ffentlicht, bis der Gro\u00dfteil der Nutzer umgestiegen ist. Die Chrome-Version f\u00fcr Windows, Mac und Linux wird in den n\u00e4chsten Tagen \u00fcber die automatische Update-Funktion auf die Systeme ausgerollt. Die aktuelle Build des Chrome-Browsers l\u00e4sst sich auch <a href=\"https:\/\/www.google.com\/intl\/de_de\/chrome\/\" target=\"_blank\" rel=\"noopener\">hier herunterladen<\/a>. (<a href=\"https:\/\/www.deskmodder.de\/blog\/2021\/11\/15\/google-chrome-96-96-0-4664-45-fuer-desktop-und-android-steht-zum-download-bereit\/\" target=\"_blank\" rel=\"noopener\">via<\/a>)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Google hat zum 15. November 2021 ein Update des Google Chrome 96.0.4664.45f\u00fcr Windows, Mac und Linux (und Android) freigegeben. Es ist ein neuer Entwicklungszweig, welches aber auch einige Schwachstellen schlie\u00dft. Hier ein kurzer \u00dcberblick.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1356],"tags":[406],"class_list":["post-259474","post","type-post","status-publish","format-standard","hentry","category-google-chrome-internet","tag-chrome"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/259474","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=259474"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/259474\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=259474"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=259474"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=259474"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}