Chrome fixes around 36 security vulnerabilities in its stable channel update 88.0.4324.96
Hello everyone,
Google has promoted Chrome 88 to the stable channel for Mac and Linux with its latest update release. This release comes with 36 security fixes. The details of vulnerabilities fixed are given below:
CVE ID | Vulnerability | Severity |
CVE-2021-21117 | Insufficient policy enforcement in Cryptohome | Critical |
CVE-2021-21118 | Insufficient data validation in V8 | High |
CVE-2021-21119 | Use after free in Media | High |
CVE-2021-21120 | Use after free in WebSQL | High |
CVE-2021-21121 | Use after free in Omnibox | High |
CVE-2021-21122 | Use after free in Blink | High |
CVE-2021-21123 | Insufficient data validation in File System API | High |
CVE-2021-21124 | Potential user after free in Speech Recognizer | High |
CVE-2021-21125 | Insufficient policy enforcement in File System API | High |
CVE-2021-21126 | Insufficient policy enforcement in extensions | Medium |
CVE-2021-21127 | Insufficient policy enforcement in extensions | Medium |
CVE-2021-21128 | Heap buffer overflow in Blink | Medium |
CVE-2021-21129 | Insufficient policy enforcement in File System API | Medium |
CVE-2021-21130 | Insufficient policy enforcement in File System API | Medium |
CVE-2021-21131 | Insufficient policy enforcement in File System API | Medium |
CVE-2021-21132 | Inappropriate implementation in DevTools | Medium |
CVE-2021-21133 | Insufficient policy enforcement in Downloads | Medium |
CVE-2021-21134 | Incorrect security UI in Page Info | Medium |
CVE-2021-21135 | Inappropriate implementation in Performance API | Medium |
CVE-2021-21136 | Insufficient policy enforcement in WebView | Low |
CVE-2021-21137 | Inappropriate implementation in DevTools | Low |
CVE-2021-21138 | Use after free in DevTools | Low |
CVE-2021-21139 | Inappropriate implementation in iframe sandbox | Low |
CVE-2021-21140 | Uninitialized Use in USB | Low |
CVE-2021-21141 | Insufficient policy enforcement in File System API | Low |
CVE-2020-16044 | Use after free in WebRTC | High |
To patch these vulnerabilities, initiate a sync between the Patch Database and Desktop Central server. Once synced, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.
Patch ID | Bulletin ID | Patch Description |
317970 | TU-017 | Google Chrome (x64) (88.0.4324.96) |
317969 | TU-017 | Google Chrome (88.0.4324.96) |
Cheers,
The ManageEngine team