Google Chrome 103 update fixes 11 security issues
By gHacks - 20 July 2022
Google has released a security update for its Chrome desktop and Android browsers. The update brings the stable channel version of Chrome to 103.0.5060.134 on the desktop, and to 103.0.5060.129 on Android.
.
.
.
The maximum severity rating of all 11 security issues is high, the second highest after critical. Here is the full list as reported by Google:
— [$16000][1336266] High CVE-2022-2477 : Use after free in Guest View. Reported by anonymous on 2022-06-14
— [$7500][1335861] High CVE-2022-2478 : Use after free in PDF. Reported by triplepwns on 2022-06-13
— [$3000][1329987] High CVE-2022-2479 : Insufficient validation of untrusted input in File. Reported by anonymous on — 2022-05-28
— [$NA][1339844] High CVE-2022-2480 : Use after free in Service Worker API. Reported by Sergei Glazunov of Google Project Zero on 2022-06-27
— [$TBD][1341603] High CVE-2022-2481: Use after free in Views. Reported by YoungJoo Lee(@ashuu_lee) of CompSecLab at Seoul National University on 2022-07-04
— [$7000][1308341] Low CVE-2022-2163: Use after free in Cast UI and Toolbar. Reported by Chaoyuan Peng (@ret2happy) on 2022-03-21
Google makes no mention of attacks in the wild. It is still recommended to update Chrome to the latest version as soon as possible.
Full article: https://www.ghacks.net/2022/07/20/googl ... ty-issues/
(FWIW, Brave Browser was updated to Chromium 103.0.5060.134 on 20 July 2022.)