{"id":271653,"date":"2022-08-17T08:36:27","date_gmt":"2022-08-17T06:36:27","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=271653"},"modified":"2022-08-31T15:03:33","modified_gmt":"2022-08-31T13:03:33","slug":"chrome-104-0-5112-101-102-fixt-11-schwachstellen","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2022\/08\/17\/chrome-104-0-5112-101-102-fixt-11-schwachstellen\/","title":{"rendered":"Chrome 104.0.5112.101\/102 fixt 11 Schwachstellen"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Chrome\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2021\/06\/Chrome-01.jpg\" alt=\"Chrome\" align=\"left\" \/>[<a href=\"https:\/\/borncity.com\/win\/2022\/08\/17\/chrome-104-0-5112-101-102-fixt-11-schwachstellen\/\" target=\"_blank\" rel=\"noopener\">English<\/a>]Google hat zum 16. August 2022 das Update des Google Chrome 104.0.5112.101 f\u00fcr Linux und MacOS sowie 104.0.5112.102 f\u00fcr Windows\u00a0 auf dem Desktop im Stable Channel freigegeben. Mit dem Sicherheitsupdate werden zahlreiche Schwachstellen geschlossen.<\/p>\n<p><!--more--><\/p>\n<h2>Google Chrome 104.0.5112.101\/102<\/h2>\n<p>Der <a href=\"https:\/\/chromereleases.googleblog.com\/2022\/08\/stable-channel-update-for-desktop_16.html\" target=\"_blank\" rel=\"noopener\">betreffende Eintrag<\/a> f\u00fcr den Chrome 104.0.5112.x im Stable Channel findet sich im <a href=\"https:\/\/chromereleases.googleblog.com\/\" target=\"_blank\" rel=\"noopener\">Google-Blog<\/a>. Mit diesem Update werden 11 Sicherheitsl\u00fccken beseitigt, wobei Google nur die nachfolgend aufgef\u00fchrten Schwachstellen dokumentiert.<\/p>\n<ul>\n<li>[$NA][1349322] Critical CVE-2022-2852: Use after free in FedCM. Reported by Sergei Glazunov of Google Project Zero on 2022-08-02<\/li>\n<li>[$7000][1337538] High CVE-2022-2854: Use after free in SwiftShader. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-06-18<\/li>\n<li>[$7000][1345042] High CVE-2022-2855: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-07-16<\/li>\n<li>[$5000][1338135] High CVE-2022-2857: Use after free in Blink. Reported by Anonymous on 2022-06-21<\/li>\n<li>[$5000][1341918] High CVE-2022-2858: Use after free in Sign-In Flow. Reported by raven at KunLun lab on 2022-07-05<\/li>\n<li>[$NA][1350097] High CVE-2022-2853: Heap buffer overflow in Downloads. Reported by Sergei Glazunov of Google Project Zero on 2022-08-04<\/li>\n<li>[$NA][1345630] High CVE-2022-2856: Insufficient validation of untrusted input in Intents. Reported by Ashley Shen and Christian Resell of Google Threat Analysis Group on 2022-07-19<\/li>\n<li>[$3000][1338412] Medium CVE-2022-2859: Use after free in Chrome OS Shell. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-22<\/li>\n<li>[$2000][1345193] Medium CVE-2022-2860: Insufficient policy enforcement in Cookies. Reported by Axel Chong on 2022-07-18<\/li>\n<li>[$TBD][1346236] Medium CVE-2022-2861: Inappropriate implementation in Extensions API. Reported by Rong Jian of VRI on 2022-07-21<\/li>\n<\/ul>\n<p>Weitere Bugs wurden durch interne Tests aufgedeckt und beseitigt. Google gibt aber keine weiteren Erl\u00e4uterungen, was Sache ist. Die Chrome-Version f\u00fcr Windows wird in den n\u00e4chsten Tagen \u00fcber die automatische Update-Funktion auf die Systeme ausgerollt. Man kann den Browser auch manuell (\u00fcber das Men\u00fc und den Befehl <em>\u00dcber Google Chrome<\/em>) aktualisieren. Die aktuelle Build des Chrome-Browsers l\u00e4sst sich auch <a href=\"https:\/\/www.google.com\/chrome\/\" target=\"_blank\" rel=\"noopener\">hier herunterladen<\/a>. (<a href=\"https:\/\/www.deskmodder.de\/blog\/2022\/08\/17\/google-chrome-104-0-5112-101-korrigiert-11-sicherheitsluecken-eine-davon-kritisch\/\" target=\"_blank\" rel=\"noopener\">via<\/a>)<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Google hat zum 16. August 2022 das Update des Google Chrome 104.0.5112.101 f\u00fcr Linux und MacOS sowie 104.0.5112.102 f\u00fcr Windows\u00a0 auf dem Desktop im Stable Channel freigegeben. Mit dem Sicherheitsupdate werden zahlreiche Schwachstellen geschlossen.<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1356,426,185],"tags":[406],"class_list":["post-271653","post","type-post","status-publish","format-standard","hentry","category-google-chrome-internet","category-sicherheit","category-update","tag-chrome"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/271653","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=271653"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/271653\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=271653"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=271653"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=271653"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}