Google has released Chrome version 103.0.5060.134 for Windows, Mac and Linux, with fixes for five High severity vulnerabilities. Additionally, Google also published new security updates for ChromeOS and Android.
An attacker could exploit these vulnerabilities to take control of impacted systems.
The latest Chrome 103 (103.0.5060.134) security updates patched 11 vulnerabilities, to include the following High severity vulnerabilities contributed by external researchers:
- CVE-2022-2477: Use after free in Guest View.
- CVE-2022-2478 : Use after free in PDF.
- CVE-2022-2479 : Insufficient validation of untrusted input in File.
- CVE-2022-2480 : Use after free in Service Worker API.
- CVE-2022-2481: Use after free in Views.
No known exploits in the wild were reported at the time of the advisory, but you should check to make sure your browser is running latest Chrome update.
Moreover, Google also released a Stable Channel Update for ChromeOS to 103.0.5060.132 (Platform version 14816.131.0) for most ChromeOS devices. Additionally, LTC (Long Term Support Candidate) for ChromeOS was also updated to channel to 102.0.5005.153 (Platform Version: 14695.114.0) for most ChromeOS devices.
- Google releases Chrome 103 (103.0.5060.53) security updates with fixes for 1 Critical, 2 High severity vulnerabilities
- Google releases Chrome 102 (102.0.5005.115) security updates with fixes for 4 High severity vulnerabilities
- Mozilla releases Firefox 101 with fixes for 8 High severity vulnerabilities