Google fixes several security vulnerabilities with the Chrome 89.0.4389.72 update

Google fixes several security vulnerabilities with the Chrome 89.0.4389.72 update

Hello everyone,

Chrome stable channel has been updated to 89.0.4389.72 for Windows, macOS, and Linux. This update comes with fixes for several high severity vulnerabilities. The details of the vulnerabilities are as follows:

 CVE ID
 Vulnerability
 Severity
 CVE-2021-21159
 Heap buffer overflow in TabStrip
 High
 CVE-2021-21160
 Heap buffer overflow in WebAudio
 High
 CVE-2021-21161
 Heap buffer overflow in TabStrip
 High
 CVE-2021-21162
 Use after free in WebRTC
 High
 CVE-2021-21163
 Insufficient data validation in Reader Mode
 High
 CVE-2021-21164
 Insufficient data validation in Chrome for iOS
 High
 CVE-2021-21165
 Object lifecycle issue in audio
 High
 CVE-2021-21166
 Object lifecycle issue in audio
 High
 CVE-2021-21167
 Use after free in bookmarks
 Medium
 CVE-2021-21168
 Insufficient policy enforcement in appcache
 Medium
 CVE-2021-21169
 Out of bounds memory access in V8
 Medium
 CVE-2021-21170
 Incorrect security UI in Loader
 Medium
 CVE-2021-21171
 Incorrect security UI in TabStrip and Navigation
 Medium
 CVE-2021-21172
 Insufficient policy enforcement in File System API
 Medium
 CVE-2021-21173
 Side-channel information leakage in Network Internals
 Medium
 CVE-2021-21174
 Inappropriate implementation in Referrer
 Medium
 CVE-2021-21175
 Inappropriate implementation in Site isolation
 Medium
 CVE-2021-21176
 Inappropriate implementation in full screen mode
 Medium
 CVE-2021-21177
 Insufficient policy enforcement in Autofill
 Medium
 CVE-2021-21178
 Inappropriate implementation in Compositing
 Medium
 CVE-2021-21179
 Use after free in Network Internals
 Medium
 CVE-2021-21180
 Use after free in tab search
 Medium
 CVE-2020-27844
 Heap buffer overflow in OpenJPEG
 Medium
 CVE-2021-21181
 Side-channel information leakage in autofill
 Medium
 CVE-2021-21182
 Insufficient policy enforcement in navigations
 Low
 CVE-2021-21183
 Inappropriate implementation in performance APIs
 Low
 CVE-2021-21184
 Inappropriate implementation in performance APIs 
 Low
 CVE-2021-21185
 Insufficient policy enforcement in extensions
 Low
 CVE-2021-21186
 Insufficient policy enforcement in QR scanning
 Low
 CVE-2021-21187
 Insufficient data validation in URL formatting
 Low
 CVE-2021-21188
 Use after free in Blink
 Low
 CVE-2021-21189
 Insufficient policy enforcement in payments
 Low
 CVE-2021-21190
 Uninitialized Use in PDFium
 Low

To install these updates using Desktop Central, initiate a sync between the Central Patch Repository and the Desktop Central server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

 Patch ID
 Bulletin ID
 Patch Description
 318597
 TU-017
 Google Chrome (89.0.4389.72)
 318598
 TU-017
 Google Chrome (x64) (89.0.4389.72)

Cheers,

The ManageEngine Team


      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
              See all integrations
              New to ADManager Plus?
              See all integrations
              New to ADManager Plus?

                New to ADSelfService Plus?

                Start your free trial
                Start your free trial



                          Related Products