PSA: If you regularly use Google’s Chrome browser, you might want to update to version 101 sooner than later. According to the latest patch release, developers have patched 29 security holes, six of which developers list as ‘high” threats.
Chrome 101.0.4951.41 for Windows, Mac, and Linux contains several fixes for severe security flaws. Google paid out a total of $29,000 for four of the top six more critical vulnerabilities. Chrome devs discovered the other two in-house. These bugs include the following.
- CVE-2022-1477: Use after free in Vulkan.
- CVE-2022-1478: Use after free in SwiftShader.
- CVE-2022-1479: Use after free in ANGLE.
- CVE-2022-1481: Use after free in Sharing.
- CVE-2022-1482: Inappropriate implementation in WebGL.
- CVE-2022-1483: Heap buffer overflow in WebGPU.
Google did not release details on these vulnerabilities. The company said it wanted to wait until the majority of users have updated their browsers before publishing precisely what these flaws are and how attackers could exploit them. It is also holding back any information on bugs that exist in third-party libraries until developers have a chance to patch them.
Google labeled the remaining 23 fixes as mostly medium threats, with four designated low. You can view them on the Chrome 101 release notes. Chrome 101 is the second major release in a row that Google has urgently encouraged users to migrate to because of security issues.
Users can update manually from Chrome settings or perform a fresh install from our mirror. Alternatively, people can wait, and the browser will update automatically in a few days.