Articles Uncategorized Chrome 103 fixes 14 vulnerabilities

Chrome 103 fixes 14 vulnerabilities


This week, Google developers released a stable version of Chrome 103 , which fixed 14 vulnerabilities. Independent researchers who uncovered some of these problems received a total of $44,000 from the company through a bug bounty program.

The most serious of all the issues addressed was CVE-2022-2156, which is a critical use-after-free vulnerability in Base. This bug was discovered by Google Project Zero specialist Mark Brand, meaning there was no bug bounty paid for this bug.

Use-after-free vulnerabilities can typically lead to arbitrary code execution, data corruption, or denial of service, and when combined with other issues, they can even lead to complete system compromise. In Chrome, they are often used to escape from the browser’s sandbox.

Chrome 103 also fixes three other use-after-free vulnerabilities discovered by external researchers. The bugs affected components such as Interest group (CVE-2022-2157, High severity), WebApp Provider (CVE-2022-2161, Medium severity), and Cast UI and Toolbar (CVE-2022-2163, Low severity ).

In addition, this Chrome update fixed a type confusion vulnerability discovered by a third party in the V8 JavaScript and WebAssembly engine (CVE-2022-2158), as well as four other medium and low severity issues.

The latest version of Chrome (103.0.5060.53) is already rolling out to Windows, Mac, and Linux users.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you