Google Releases Chrome Update Addressing 11 High Severity Vulnerabilities

 

Summary Google released a security update for its Chrome browser which included 28 security fixes. Among these fixes were 11 vulnerabilities which Google classified as high severity; nearly half of the 11 vulnerabilities were use-after-free vulnerabilities affecting various components of the browser. Successful exploitation of the most severe of these vulnerabilities would allow for arbitrary code execution. At this time, there are no reports of attackers exploiting these vulnerabilities in the wild. Analysis Affected Version The vulnerabilities affect Chrome versions prior to 99.0.4844.51. Potential Impact Successful exploitation of the most severe of these vulnerabilities could lead to arbitrary code execution on an impacted device in the context of the browser. Depending upon the privileges given to the browser on the impacted device, an attacker could view, change, or delete data. Recommendations Google has released a new stable Chrome update to address these vulnerabilities. Recommends organizations update to the latest Chrome release after conducting the appropriate testing. Additionally, organizations should ensure users run Chrome as non-privileged users to lower the effects of any successful attack. References https://chromereleases.googleblog.com/2022/03/stable-channel-update-for-desktop.html