Google urges Chrome 100 users to update to 101 because of 29 security flaws

Cal Jeffrey

Posts: 3,491   +1,040
Staff member
PSA: If you regularly use Google's Chrome browser, you might want to update to version 101 sooner than later. According to the latest patch release, developers have patched 29 security holes, six of which developers list as 'high" threats.

Chrome 101.0.4951.41 for Windows, Mac, and Linux contains several fixes for severe security flaws. Google paid out a total of $29,000 for four of the top six more critical vulnerabilities. Chrome devs discovered the other two in-house. These bugs include the following.

  • CVE-2022-1477: Use after free in Vulkan.
  • CVE-2022-1478: Use after free in SwiftShader.
  • CVE-2022-1479: Use after free in ANGLE.
  • CVE-2022-1481: Use after free in Sharing.
  • CVE-2022-1482: Inappropriate implementation in WebGL.
  • CVE-2022-1483: Heap buffer overflow in WebGPU.

Google did not release details on these vulnerabilities. The company said it wanted to wait until the majority of users have updated their browsers before publishing precisely what these flaws are and how attackers could exploit them. It is also holding back any information on bugs that exist in third-party libraries until developers have a chance to patch them.

Google labeled the remaining 23 fixes as mostly medium threats, with four designated low. You can view them on the Chrome 101 release notes. Chrome 101 is the second major release in a row that Google has urgently encouraged users to migrate to because of security issues.

In March, Google advised users to update from Chrome 99 to Chrome 100 because of a zero-day vulnerability relating to the browser's JavaScript engine that allowed unauthorized code execution. Version 100 also presented websites with a problem that might have rendered them unable to read the user agents since many wear gear for two-digit browser numbers. Web developers have mostly updated their sites to accommodate the newest browser iterations.

Users can update manually from Chrome settings or perform a fresh install from our mirror. Alternatively, people can wait, and the browser will update automatically in a few days.

Permalink to story.

 

kiwigraeme

Posts: 1,030   +768
That wasn't too painful - got lots of tabs open - didn't have to relog in sites and 2FA for some- took 2 seconds
 

FF222

Posts: 295   +277
Chrome 101 is out for a week now, which also means that virtually every Chrome installation has already received it, because of the auto-update process