Google Chrome Updated with Security Fixes on Mobile, Windows, Mac, Linux
Google Chrome has been updated with important security fixes for Google’s browser on smartphones and computers for Windows, Mac, and Linux. The update fixes a total of ten vulnerabilities in the popular browser. An updated Chrome browser will be launched in the coming days, Google advised. The company recommends that users should install the update as soon as it is released on their devices. The company, however, has restricted itself from revealing full details about the bugs until most users have upgraded to the latest version. This information will also be withheld if the presence of similar errors is identified in any third-party libraries that other projects depend on and have not yet been fixed, according to Google.
The search giant lists the six security vulnerabilities in question as ‘severe’ bugs, meaning users are advised to apply updates immediately to prevent their devices from being vulnerable to exploitation, Google said in its release notes. .
The vulnerability could allow a remote attacker to exploit a ‘package of corruption’ via a crafted HTML page. Memory corruption usually occurs in a computer program due to program errors, and the contents of the corrupted memory can lead to program crashes or unexpected behavior in the affected application.
The first and second batch vulnerabilities are defined as CVE-2022-3885 and CVE-2022-3886, which represent security flaws in V8, the open source JavaScript engine that powers Google Chrome and Chromium web browsers, and Recognition Of speech on Google. Chrome, respectively.
The third security flaw is recorded as CVE-2022-3887 and affects Web Workers, a feature that allows scripts to run in the background. Meanwhile, CVE-2022-3888 affects the WebCodecs API in Google Chrome.
Google also downgraded the CVE-2022-3889 vulnerability in Chrome, which provides the browser’s V8 engine with malicious code, while CVE-2022-3890 can be used by remote attackers to evade the “sandbox” security measures used to isolate the browser. from sensitive parts of the system using Crashpad.
During that time, the company rewarded and rewarded external security researchers who uncovered the vulnerability, allowing Google to patch it early. The company paid rewards of up to $21,000 (roughly Rs. 17,15,000) to the researchers who discovered them.
