Google fixes several high-severity vulnerabilities in Chrome with its 90.0.4430.72 update

Google fixes several high-severity vulnerabilities in Chrome with its 90.0.4430.72 update

Hello everyone,

 

Chrome stable channel has been updated to 90.0.4430.72 for Windows, macOS, and Linux. This update comes with fixes for several high severity vulnerabilities. The details of the vulnerabilities are as follows:

 CVE ID
 Vulnerability
 Severity
 CVE-2021-21201
 Use after free in permissions High
 CVE-2021-21202
 Use after free in extensions High
 CVE-2021-21203
 Use after free in Blink High
 CVE-2021-21204
 Use after free in Blink High
 CVE-2021-21205
 Insufficient policy enforcement in navigation High
 CVE-2021-21207
 Use after free in IndexedDB Medium
 CVE-2021-21208
 Insufficient data validation in QR scanner Medium
 CVE-2021-21209 Inappropriate implementation in storage Medium
 CVE-2021-21210 Inappropriate implementation in Network Medium
 CVE-2021-21211 Inappropriate implementation in Navigation Medium
 CVE-2021-21212 Incorrect security UI in Network Config UI Medium
 CVE-2021-21213 Use after free in WebMIDI Medium
 CVE-2021-21214 Use after free in Network API Medium
 CVE-2021-21215 Inappropriate implementation in Autofill Medium
 CVE-2021-21216 Inappropriate implementation in Autofill Medium
 CVE-2021-21217 Uninitialized Use in PDFium Low
 CVE-2021-21218 Uninitialized Use in PDFium Low
 CVE-2021-21219 Uninitialized Use in PDFium Low
 CVE-2021-21221 Insufficient validation of untrusted input in Mojo High

To install these updates using Vulnerability Manager Plus, initiate a sync between the Central Patch Repository and the Vulnerability Manager Plus server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

 Patch ID Bulletin ID Patch Description
 319134 TU-017 Google Chrome (90.0.4430.72)
 319135 TU-017 Google Chrome (x64) (90.0.4430.72)

Cheers,

The ManageEngine Team