Chrome 90.0.4430.93 security update
Google announced Chrome 90.0.4430.93 on the night of April 26th. This is a security update that fixes 9 vulnerabilities in older versions of the browser.
The Google Blog has published a list of vulnerabilities that have been fixed in Chrome 90.0.4430.93 for desktops. Here are some of them:
- [$ 15000]  High CVE-2021-21227: Insufficient data validation in V8. Reported by Gengming Liu of Singular Security Lab on 2021-04-15
- [$ NA]  High CVE-2021-21232: Use after free in Dev Tools. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-02-05
- [$ TBD]  High CVE-2021-21233: Heap buffer overflow in ANGLE. Reported by Omair on 2021-02-26
- [$ 5000]  Medium CVE-2021-21228: Insufficient policy enforcement in extensions. Reported by Rob Wu on 2020-10-16
- [$ TBD]  Medium CVE-2021-21229: Incorrect security UI in downloads. Reported by Mohit Raj (shadow2639) on 2021-04-12
- [$ TBD]  Medium CVE-2021-21230: Type Confusion in V8. Reported by Manfred Paul on 2021-04-13
- [$ NA]  Low CVE-2021-21231: Insufficient data validation in V8. Reported by Sergei Glazunov of Google Project Zero on 2021-04-13
Some vulnerabilities have a high score. Other issues were identified and fixed through internal controls.
Chrome for Windows, Mac, and Linux will be released to systems via the auto-update feature in the coming days. However, you can also download this version from here.