Google has released updates for Chrome browser 110 in the stable channel for Mac, Linux and Windows since February 22, 2023. The browser on Mac and Linux has now reached version 110.0.5481.177, while on Windows, it is versions 110.0.5481.177/ .178. This is a security update that fixes a critical vulnerability.
The related entry for the new version of Chrome 110 it's on the Google blog.
“The stable channel has been updated to version 110.0.5481.177 for macOS and Linux. For Windows, the update updates the browser to version 110.0.5481.177/178.”
The bugfix updates address 10 vulnerabilities, including those listed below.
- [$TBD] Critical CVE-2023-0941: Use after free in Prompts. Reported by Anonymous on 2023-02-13
- [$31000] High CVE-2023-0927: Use after free in Web Payments API. Reported by Rong Jian of VRI on 2023-02-10
- [$13000] High CVE-2023-0928: Use after free in SwiftShader. Reported by Anonymous on 2022-03-22
- [$10000] High CVE-2023-0929: Use after free in Vulkan. Reported by Cassidy Kim(@cassidy6564) on 2022-12-09
- [$10000] High CVE-2023-0930: Heap buffer overflow in Video. Reported by Cassidy Kim(@cassidy6564) on 2023-01-27
- [$3000] High CVE-2023-0931: Use after free in Video. Reported by Cassidy Kim(@cassidy6564) on 2023-01-17
- [$TBD] High CVE-2023-0932: Use after free in WebRTC. Reported by Omri Bushari (Talon Cyber Security) on 2023-02-05
- [$11000] Medium CVE-2023-0933: Integer overflow in PDF. Reported by Zhiyi Zhang from Codesafe Team of Legendsec at QI-ANXIN Group on 2023-01-04
As usual, the company is not giving more details.
Google also says that various fixes have been made based on results from internal audits, fuzzing and other initiatives.
Chrome will be rolling out to systems via the auto-update feature in the coming days. Of course anyone who wants can update the browser manually (from the /About Google Chrome menu). You can also download the latest version of the Chrome browser from here.
Note: Chrome 110 will no longer run on Windows 7 SP1 or Windows 8.1.