Google fixes 2 zero-days along with several high-severity security vulnerabilities in Chrome 95.0.4638.69 stable channel update

Google fixes 2 zero-days along with several high-severity security vulnerabilities in Chrome 95.0.4638.69 stable channel update

Hello everyone,

 

Chrome stable channel has been updated to 95.0.4638.69 for Windows, macOS, and Linux. This update comes with fixes for 8 security vulnerabilities. Google has disclosed that it is aware of exploits for 2 of these vulnerabilities CVE-2021-38000 and CVE-2021-38003. The details of the vulnerabilities fixed are as follows:

 CVE ID Vulnerability Severity
 CVE-2021-37997 Use after free in Sign-In High
 CVE-2021-37998 Use after free in Garbage Collection High
 CVE-2021-37999 Insufficient data validation in New Tab Page High
 CVE-2021-38000 Insufficient validation of untrusted input in Intents High
 CVE-2021-38001 Type Confusion in V8 High
 CVE-2021-38002 Use after free in Web Transport High
 CVE-2021-38003 Inappropriate implementation in V8 High

To install this update on your Windows machines, initiate a sync between the Central Patch Repository and the Patch Manager Plus server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

 Patch ID Bulletin ID Patch Description
 322185 TU-017 Google Chrome (95.0.4638.69)
 322186 TU-017 Google Chrome (x64) (95.0.4638.69)

Cheers,

The ManageEngine Team