[German]Google has released a slew of security updates for Google Chrome in the 107 branch in the stable channel for Mac, Linux and Windows as well as for Android (and iOS) on November 8, 2022. Ten vulnerabilities are closed in the process.
Advertising
Google Chrome Chrome 107.0.5304.110/107 (Stable Channel)
The relevant entry for Chrome 107.0.5304.110/107 in the Stable Channel can be found on the Google blog. The stable channel has been updated to 107.0.5304.110 for Mac and Linux and 107.0.5304.106/.107 for Windows. The update closes 10 vulnerabilities. Here are the explicitly mentioned vulnerabilities.
- [$21000][1377816] High CVE-2022-3885: Use after free in V8. Reported by gzobqq@ on 2022-10-24
- [$10000][1372999] High CVE-2022-3886: Use after free in Speech Recognition. Reported by anonymous on 2022-10-10
- [$7000][1372695] High CVE-2022-3887: Use after free in Web Workers. Reported by anonymous on 2022-10-08
- [$7000][1375059] High CVE-2022-3888: Use after free in WebCodecs. Reported by Peter Nemeth on 2022-10-16
- [$TBD][1380063] High CVE-2022-3889: Type Confusion in V8. Reported by anonymous on 2022-11-01
- [$TBD][1380083] High CVE-2022-3890: Heap buffer overflow in Crashpad. Reported by anonymous on 2022-11-01
Further vulnerabilities were found internally. Google does not provide any further information about the vulnerabilities. Chrome will be rolled out to systems via the automatic update feature in the next few days. One can (and in this case should) also update the browser manually (via the menu and the About Google Chrome command). The latest build of the Chrome browser can also be downloaded here.
Google Chrome 107.0.5304.10 for Android
This Google Chrome Browser entry states that for Android, version 107.0.5304.10 will be released in the Google Play Store in the coming days. The update contains the same security fixes as the corresponding desktop versions (see above).
ZIn addition, Chrome 107.0.5304.101 for iOS has been released.
Advertising