{"id":261785,"date":"2022-01-20T07:44:53","date_gmt":"2022-01-20T06:44:53","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=261785"},"modified":"2023-06-11T14:58:53","modified_gmt":"2023-06-11T12:58:53","slug":"chrome-97-0-4692-99-erschienen-enthlt-fixes-fr-26-sicherheitslcken","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2022\/01\/20\/chrome-97-0-4692-99-erschienen-enthlt-fixes-fr-26-sicherheitslcken\/","title":{"rendered":"Chrome 97.0.4692.99 erschienen, enth&auml;lt Fixes f&uuml;r 26 Sicherheitsl&uuml;cken"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2021\/06\/Chrome-01.jpg\" \/>[<a href=\"https:\/\/borncity.com\/win\/2022\/01\/20\/chrome-97-0-4692-99-erschienen-enthlt-fixes-fr-26-sicherheitslcken\/\" target=\"_blank\" rel=\"noopener\">English<\/a>]Google hat zum 19. Januar 2022 ein Update des Google Chrome 97.0.4692.99 f\u00fcr Windows, Mac und Linux (und die Version 97.0.4664.98 f\u00fcr Android) freigegeben. Es ist ein Update, welches 26 Schwachstellen schlie\u00dft. Hier ein kurzer \u00dcberblick.<\/p>\n<p><!--more--><\/p>\n<p>Im <a href=\"https:\/\/chromereleases.googleblog.com\/\" target=\"_blank\" rel=\"noopener\">Google-Blog<\/a> gibt es <a href=\"https:\/\/chromereleases.googleblog.com\/2022\/01\/stable-channel-update-for-desktop_19.html\" target=\"_blank\" rel=\"noopener\">diesen Beitrag<\/a> mit der kurzen Beschreibung der im Chrome 97.0.4692.99 f\u00fcr den Desktop geschlossenen Schwachstellen.<\/p>\n<ul>\n<li>[$NA][1284367] Critical CVE-2022-0289: Use after free in Safe browsing. Reported by Sergei Glazunov of Google Project Zero on 2022-01-05<\/li>\n<li>[$20000],[NA][1260134][1260007] High CVE-2022-0290: Use after free in Site isolation. Reported by Brendon Tiszka and Sergei Glazunov of Google Project Zero on 2021-10-15<\/li>\n<li>[$20000][1281084] High CVE-2022-0291: Inappropriate implementation in Storage. Reported by Anonymous on 2021-12-19<\/li>\n<li>[$17000][1270358] High CVE-2022-0292: Inappropriate implementation in Fenced Frames. Reported by Brendon Tiszka\u00a0 on 2021-11-16<\/li>\n<li>[$15000][1283371] High CVE-2022-0293: Use after free in Web packaging. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-12-30<\/li>\n<li>[$10000][1273017] High CVE-2022-0294: Inappropriate implementation in Push messaging. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-11-23<\/li>\n<li>[$10000][1278180] High CVE-2022-0295: Use after free in Omnibox. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2021-12-09<\/li>\n<li>[$7000][1283375] High CVE-2022-0296: Use after free in Printing. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2021-12-30<\/li>\n<li>[$5000][1274316] High CVE-2022-0297: Use after free in Vulkan. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2021-11-28<\/li>\n<li>[$TBD][1212957] High CVE-2022-0298: Use after free in Scheduling. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-25<\/li>\n<li>[$TBD][1275438] High CVE-2022-0300: Use after free in Text Input Method Editor. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-12-01<\/li>\n<li>[$NA][1276331] High CVE-2022-0301: Heap buffer overflow in DevTools. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-12-03<\/li>\n<li>[$TBD][1278613] High CVE-2022-0302: Use after free in Omnibox. Reported by Weipeng Jiang (@Krace) and Guang Gong of 360 Vulnerability Research Institute on 2021-12-10<\/li>\n<li>[$TBD][1281979] High CVE-2022-0303: Race in GPU Watchdog. Reported by Yi\u011fit Can YILMAZ (@yilmazcanyigit) on 2021-12-22<\/li>\n<li>[$TBD][1282118] High CVE-2022-0304: Use after free in Bookmarks. Reported by Rong Jian and Guang Gong of 360 Alpha Lab on 2021-12-22<\/li>\n<li>[$TBD][1282354] High CVE-2022-0305: Inappropriate implementation in Service Worker API. Reported by @uwu7586 on 2021-12-23<\/li>\n<li>[$NA][1283198] High CVE-2022-0306: Heap buffer overflow in PDFium. Reported by Sergei Glazunov of Google Project Zero on 2021-12-29<\/li>\n<li>[$2000][1281881] Medium CVE-2022-0307: Use after free in Optimization Guide. Reported by Samet Bekmezci @sametbekmezci on 2021-12-21<\/li>\n<li>[$2000][1282480] Medium CVE-2022-0308: Use after free in Data Transfer. Reported by @ginggilBesel on 2021-12-24<\/li>\n<li>[$TBD][1240472] Medium CVE-2022-0309: Inappropriate implementation in Autofill. Reported by Alesandro Ortiz on 2021-08-17<\/li>\n<li>[$TBD][1283805] Medium CVE-2022-0310: Heap buffer overflow in Task Manager. Reported by Samet Bekmezci @sametbekmezci on 2022-01-03<\/li>\n<li>[$TBD][1283807] Medium CVE-2022-0311: Heap buffer overflow in Task Manager. Reported by Samet Bekmezci @sametbekmezci on 2022-01-03<\/li>\n<\/ul>\n<p>Hinzu kommen verschiedene Fixes, die Google intern bei Audits gefunden hat. Details zun Schwachstellen werden aber keine ver\u00f6ffentlicht, bis der Gro\u00dfteil der Nutzer umgestiegen ist. Die Chrome-Version f\u00fcr Windows, Mac und Linux wird in den n\u00e4chsten Tagen \u00fcber die automatische Update-Funktion auf die Systeme ausgerollt. Die aktuelle Build des Chrome-Browsers l\u00e4sst sich auch <a href=\"https:\/\/www.google.com\/intl\/de_de\/chrome\/\" target=\"_blank\" rel=\"noopener\">hier herunterladen<\/a>. (<a href=\"https:\/\/twitter.com\/CaschysBlog\/status\/1484046379748057088\" target=\"_blank\" rel=\"noopener\">via<\/a>)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Google hat zum 19. Januar 2022 ein Update des Google Chrome 97.0.4692.99 f\u00fcr Windows, Mac und Linux (und die Version 97.0.4664.98 f\u00fcr Android) freigegeben. Es ist ein Update, welches 26 Schwachstellen schlie\u00dft. Hier ein kurzer \u00dcberblick.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1356,185],"tags":[406,4315],"class_list":["post-261785","post","type-post","status-publish","format-standard","hentry","category-google-chrome-internet","category-update","tag-chrome","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/261785","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=261785"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/261785\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=261785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=261785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=261785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}