Chrome fixes around 36 security vulnerabilities in its stable channel update 88.0.4324.96

Chrome fixes around 36 security vulnerabilities in its stable channel update 88.0.4324.96

Hello everyone,


Google has promoted Chrome 88 to the stable channel for Mac and Linux with its latest update release. This release comes with 36 security fixes. The details of vulnerabilities fixed are given below:

 CVE ID
 Vulnerability
 Severity
 CVE-2021-21117
 Insufficient policy enforcement in Cryptohome
 Critical 
 CVE-2021-21118
 Insufficient data validation in V8
 High
 CVE-2021-21119
 Use after free in Media
 High
 CVE-2021-21120
 Use after free in WebSQL
 High
 CVE-2021-21121
 Use after free in Omnibox
 High
 CVE-2021-21122
 Use after free in Blink
 High
 CVE-2021-21123
 Insufficient data validation in File System API
 High
 CVE-2021-21124
 Potential user after free in Speech Recognizer
 High
 CVE-2021-21125
 Insufficient policy enforcement in File System API
 High
 CVE-2021-21126
 Insufficient policy enforcement in extensions
 Medium
 CVE-2021-21127
 Insufficient policy enforcement in extensions
 Medium
 CVE-2021-21128
 Heap buffer overflow in Blink
 Medium
 CVE-2021-21129
 Insufficient policy enforcement in File System API
 Medium
 CVE-2021-21130
 Insufficient policy enforcement in File System API
 Medium
 CVE-2021-21131
 Insufficient policy enforcement in File System API
 Medium
 CVE-2021-21132
 Inappropriate implementation in DevTools
 Medium
 CVE-2021-21133
 Insufficient policy enforcement in Downloads
 Medium
 CVE-2021-21134
 Incorrect security UI in Page Info
 Medium
 CVE-2021-21135
 Inappropriate implementation in Performance API
 Medium
 CVE-2021-21136
 Insufficient policy enforcement in WebView
 Low
 CVE-2021-21137
 Inappropriate implementation in DevTools
 Low
 CVE-2021-21138
 Use after free in DevTools
 Low
 CVE-2021-21139
 Inappropriate implementation in iframe sandbox
 Low
 CVE-2021-21140
 Uninitialized Use in USB
 Low
 CVE-2021-21141
 Insufficient policy enforcement in File System API
 Low
 CVE-2020-16044
 Use after free in WebRTC
 High

To patch these vulnerabilities, initiate a sync between the Patch Database and Patch Manager Plus server. Once synced, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

 Patch ID
 Bulletin ID
 Patch Description
 317970
 TU-017
 Google Chrome (x64) (88.0.4324.96)
 317969
 TU-017
 Google Chrome (88.0.4324.96)

Cheers, 

The ManageEngine team


              New to ADManager Plus?

                New to ADSelfService Plus?