Home
Apps
Apps News
Google Chrome Update With 'High Severity' Bug Fixes on Mobiles, Windows, Mac, and Linux Released

Google Chrome Update With 'High Severity' Bug Fixes on Mobiles, Windows, Mac, and Linux Released

Google has withheld information around some of the vulnerabilities until a majority of users have installed the update.

Written by Anees Hussain, Edited by David Delima | Updated: 10 November 2022 19:44 IST

Photo Credit: Pixabay

Google Chrome users are advised to install the latest update on their devices

Click Here to Add Gadgets360 As A Trusted Source

Highlights

Google Chrome has been updated with 10 security fixes
The update fixes several memory corruption vulnerabilities
Google has detailed six highly critical Chrome security flaws

Google Chrome has been updated with important security fixes for Google's browser on smartphones as well as Windows, Mac, and Linux computers. The update fixes a total of ten security vulnerabilities on the popular browser. The updated Chrome browser will be rolled out over the coming days, Google said in an advisory. The company recommends that users should install the update as soon as it is rolled out to their devices. The company, however, restricted itself from revealing full details about the bugs until a majority of users have updated to the latest version. This information will be further withheld if the existence of similar flaws are identified in any third-party libraries that other projects depend on and haven't yet been addressed through a fix, according to Google.

The search giant lists six out of the ten addressed security vulnerabilities 'high severity' bugs, which means that users are advised to apply the updates as soon as possible to prevent their devices from being at risk of exploitation, Google said in its release notes.

The vulnerabilities could allow a remote attacker to exploit 'heap corruption' via a crafted HTML page. Memory corruption typically occurs in a computer program due to programming errors, and corrupted memory contents can lead either to program crashes or unexpected behaviour in the affected application.

Reclaim Space on Your PC by Cleaning Your Browser

The first and second heap corruption vulnerabilities are denoted by CVE-2022-3885 and CVE-2022-3886, which represent security flaws in V8, the open-source JavaScript engine that powers Google Chrome and Chromium web browsers, and the Speech Recognition on Google Chrome, respectively.

The third security flaw has been recorded as CVE-2022-3887 and affects Web Workers, a feature allowing scripts to run in the background. Meanwhile, CVE-2022-3888 affects the WebCodecs API on Google Chrome.

Google has also mitigated the CVE-2022-3889 vulnerability in Chrome, which provides the browser's V8 engine with the wrong code, while CVE-2022-3890 can be used by remote attackers to escape the "sandbox" security measures used to isolate the browser from critical system components, using Crashpad.

Windows 10, Chrome to Allow Easy Switching of Default Browsers: Report

Meanwhile, the firm has credited and rewarded external security researchers who responsibly disclosed the vulnerabilities, allowing Google to patch them in time. The company has paid rewards of up to $21,000 (roughly Rs. 17,15,000) to the researchers who discovered them.

Apple Pay Said to Work on Chrome, Edge, and Firefox on Latest iOS 16 Beta

Are the Pixel 7 and 7 Pro the best in their segment? We discuss this on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.