Google fixes 2 zero-days along with several high-severity security vulnerabilities in Chrome 95.0.4638.69 stable channel update

Google fixes 2 zero-days along with several high-severity security vulnerabilities in Chrome 95.0.4638.69 stable channel update

Hello everyone,

 

Chrome stable channel has been updated to 95.0.4638.69 for Windows, macOS, and Linux. This update comes with fixes for 8 security vulnerabilities. Google has disclosed that it is aware of exploits for 2 of these vulnerabilities CVE-2021-38000 and CVE-2021-38003. The details of the vulnerabilities fixed are as follows:

 CVE ID
 Vulnerability
 Severity
 CVE-2021-37997
 Use after free in Sign-In
 High
 CVE-2021-37998
 Use after free in Garbage Collection
 High
 CVE-2021-37999
 Insufficient data validation in New Tab Page
 High
 CVE-2021-38000
 Insufficient validation of untrusted input in Intents
 High
 CVE-2021-38001
 Type Confusion in V8
 High
 CVE-2021-38002
 Use after free in Web Transport
 High
 CVE-2021-38003
 Inappropriate implementation in V8
 High

To install this update on your Windows machines, initiate a sync between the Central Patch Repository and the Desktop Central server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

 Patch ID
 Bulletin ID
 Patch Description
 322185
 TU-017
 Google Chrome (95.0.4638.69)
 322186
 TU-017
 Google Chrome (x64) (95.0.4638.69)

Cheers,

The ManageEngine Team