Google fixes several high-severity vulnerabilities in Chrome with its 90.0.4430.72 update
Hello everyone,
Chrome stable channel has been updated to 90.0.4430.72 for Windows, macOS, and Linux. This update comes with fixes for several high severity vulnerabilities. The details of the vulnerabilities are as follows:
CVE ID | Vulnerability | Severity |
CVE-2021-21201 | Use after free in permissions | High |
CVE-2021-21202 | Use after free in extensions | High |
CVE-2021-21203 | Use after free in Blink | High |
CVE-2021-21204 | Use after free in Blink | High |
CVE-2021-21205 | Insufficient policy enforcement in navigation | High |
CVE-2021-21207 | Use after free in IndexedDB | Medium |
CVE-2021-21208 | Insufficient data validation in QR scanner | Medium |
CVE-2021-21209 | Inappropriate implementation in storage | Medium |
CVE-2021-21210 | Inappropriate implementation in Network | Medium |
CVE-2021-21211 | Inappropriate implementation in Navigation | Medium |
CVE-2021-21212 | Incorrect security UI in Network Config UI | Medium |
CVE-2021-21213 | Use after free in WebMIDI | Medium |
CVE-2021-21214 | Use after free in Network API | Medium |
CVE-2021-21215 | Inappropriate implementation in Autofill | Medium |
CVE-2021-21216 | Inappropriate implementation in Autofill | Medium |
CVE-2021-21217 | Uninitialized Use in PDFium | Low |
CVE-2021-21218 | Uninitialized Use in PDFium | Low |
CVE-2021-21219 | Uninitialized Use in PDFium | Low |
CVE-2021-21221 | Insufficient validation of untrusted input in Mojo | High |
To install these updates using Desktop Central, initiate a sync between the Central Patch Repository and the Desktop Central server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.
Patch ID | Bulletin ID | Patch Description |
319134 | TU-017 | Google Chrome (90.0.4430.72) |
319135 | TU-017 | Google Chrome (x64) (90.0.4430.72) |
Cheers,
The ManageEngine Team