Google fixes a critical and several high severity vulnerabilities in its Chrome 104.0.5112.102/101 Stable Channel update

Google fixes a critical and several high severity vulnerabilities in its Chrome 104.0.5112.102/101 Stable Channel update

Hello everyone,

Chrome Stable Channel has been updated to 104.0.5112.102/101 for Windows104.0.5112.101 for Mac, and Linux. This update comes with 11 security fixes. The details of the vulnerabilities fixed are mentioned below:

CVE ID
Vulnerability
Severity
CVE-2022-2852
Use after free in FedCM
Critical
CVE-2022-2854
Use after free in SwiftShader
High
CVE-2022-2855
Use after free in ANGLE
High
CVE-2022-2857
Use after free in Blink
High
CVE-2022-2858
Use after free in Sign-In Flow
High
CVE-2022-2853
Heap buffer overflow in Downloads
High
CVE-2022-2856
Insufficient validation of untrusted input in Intents
High
CVE-2022-2859
Use after free in Chrome OS Shell
Medium
CVE-2022-2860
Insufficient policy enforcement in Cookies
Medium
CVE-2022-2861
Inappropriate implementation in Extensions API
Medium


As per the Chrome Releases blog, "Google is aware that an exploit for CVE-2022-2856 exists in the wild."

To install this update on your Windows / Mac machines, initiate a sync between the Central Patch Repository and the Endpoint Central / Patch Manager Plus / Vulnerability Manager Plus server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

Patch ID
Bulletin ID
Patch Description
326142
TU-017
Google Chrome (x64) (104.0.5112.102)
326141
TU-017
Google Chrome (104.0.5112.102)
604072
MAC-012
Google Chrome for Mac (104.0.5112.101)


Cheers,
The ManageEngine Team



                New to ADSelfService Plus?