Η Google ανακοίνωσε τον Chrome 90.0.4430.93 την 26η Απριλίου το βράδυ. Πρόκειται για μια ενημέρωση ασφαλείας που διορθώνει 9 vulnerabilities in older versions of the browser.
The Google Blog has published a list of vulnerabilities that have been fixed in Chrome 90.0.4430.93 for desktops. Here are some of them:
- [$ 15000] [1199345] High CVE-2021-21227: Insufficient data validation in V8. Reported by Gengming Liu of Singular Security Lab on 2021-04-15
- [$NA][1175058] High CVE-2021-21232: Use after free in Dev Tools. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-02-05
- [$ TBD] [1182937] High CVE-2021-21233: Heap buffer overflow in ANGLE. Reported by Omair on 2021-02-26
- [$5000][1139156] Medium CVE-2021-21228: Insufficient enforcement in extensions. Reported by Rob Wu on 2020-10-16
- [$ TBD] [1198165] Medium CVE-2021-21229: Incorrect security UI in downloads. Reported by Mohit Raj (shadow2639) on 2021-04-12
- [$ TBD] [1198705] Medium CVE-2021-21230: Type Confusion in V8. Reported by Manfred Paul on 2021-04-13
- [$NA][1198696] Low CVE-2021-21231: Insufficient data validation in V8. Reported by Sergei Glazunov of Google Project Zero 2021 04-on-13
Some vulnerabilities have a high score. Other issues were identified and fixed through internal controls.
Chrome for Windows, Mac, and Linux will be released to systems via the auto-update feature in the coming days. However, you can also download this version from here.