Google has released a new update which brings a bunch of security fixes for the Chrome browser. The new releases version is 98.0.4758.102 and it is rolled out for both Linux, Mac, and Windows-based computers in a couple of days.
High severity CVEs, with rewards
As usual, Google does not provide the full details of the flaws until the majority of users update their browsers to a safe version. With the less-detailed version of the security fix notes, the company has shared the rewards for the people who found those bugs as well. Here are the notes of the security patches:
- ($15000) High | CVE-2022-0603: Use after free in File Manager
- ($7000) High | CVE-2022-0604: Heap buffer overflow in Tab Groups
- ($7000) High | CVE-2022-0605: Use after free in Webstore API
- ($7000) High | CVE-2022-0606: Use after free in ANGLE
- ($TBD) High | CVE-2022-0607: Use after free in GPU
- ($NA) High | CVE-2022-0608: Integer overflow in Mojo
- ($NA) High | CVE-2022-0609: Use after free in Animation
- ($TBD) Medium | CVE-2022-0610: Inappropriate implementation in Gamepad API
The company also warns about the CVE-2022-0603 flaw as it is currently being exploited by some threat actors. So immediate action should be the way to go in this case; simply update your Chrome web browser as soon as possible.
Chrome is generally updated automatically but in some urgent cases, like active exploitation of the aforementioned flaws, manually checking for updates and applying them is possible. Simply click the three dots at the rightmost side of the address bar to reach the menu, then follow Help > About Google Chrome. As you arrive at this page, Chrome will check and download updates immediately. Wait for the download and setup, then press the Relaunch button.