Home Vulnerabilities Google Chrome updated to 92.0.4515.107 to enhance security and reduce power consumption

Google Chrome updated to 92.0.4515.107 to enhance security and reduce power consumption


According to Google’s official blog, the company has released a new version to the Google Chrome stable version. This version not only fixes vulnerabilities but also enhances security.

Google said that the site isolation technology enabled by the new version can isolate the website from the extension and prevent the extension from stealing various information on the website through technical means.

At the same time, this version also enhances image processing technology and enhances phishing detection. Compared with the old version, the power consumption is lower after the upgrade.

This update includes 35 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

 

[$15000][1210985] High CVE-2021-30565: Out of bounds write in Tab Groups. Reported by David Erceg on 2021-05-19

[$10000][1202661] High CVE-2021-30566: Stack buffer overflow in Printing. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-04-26

[$10000][1211326] High CVE-2021-30567: Use after free in DevTools. Reported by DDV_UA on 2021-05-20

[$8500][1219886] High CVE-2021-30568: Heap buffer overflow in WebGL. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-06-15

[$500][1218707] High CVE-2021-30569: Use after free in sqlite. Reported by Chris Salls (@salls) of Makai Security on 2021-06-11

[$TBD][1101897] High CVE-2021-30571: Insufficient policy enforcement in DevTools. Reported by David Erceg on 2020-07-03

[$TBD][1214234] High CVE-2021-30572: Use after free in Autofill. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi’anxin Group on 2021-05-28

[$TBD][1216822] High CVE-2021-30573: Use after free in GPU. Reported by Security For Everyone Team – https://securityforeveryone.com on 2021-06-06

[$TBD][1227315] High CVE-2021-30574: Use after free in protocol handling. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-07-08

[$15000][1213313] Medium CVE-2021-30575: Out of bounds read in Autofill. Reported by Leecraso and Guang Gong of 360 Alpha Lab on 2021-05-26

[$10000][1194896] Medium CVE-2021-30576: Use after free in DevTools. Reported by David Erceg on 2021-04-01

[$10000][1204811] Medium CVE-2021-30577: Insufficient policy enforcement in Installer. Reported by Jan van der Put (REQON B.V) on 2021-05-01

[$7500][1201074] Medium CVE-2021-30578: Uninitialized Use in Media. Reported by Chaoyuan Peng  on 2021-04-21

[$7500][1207277] Medium CVE-2021-30579: Use after free in UI framework. Reported by Weipeng Jiang (@Krace) from Codesafe Team of Legendsec at Qi’anxin Group on 2021-05-10

[$5000][1189092] Medium CVE-2021-30580: Insufficient policy enforcement in Android intents. Reported by @retsew0x01 on 2021-03-17

[$5000][1194431] Medium CVE-2021-30581: Use after free in DevTools. Reported by David Erceg on 2021-03-31

[$5000][1205981] Medium CVE-2021-30582: Inappropriate implementation in Animation. Reported by George Liu  on 2021-05-05

[$3000][1179290] Medium CVE-2021-30583: Insufficient policy enforcement in image handling on Windows. Reported by Muneaki Nishimura (nishimunea) on 2021-02-17

[$3000][1213350] Medium CVE-2021-30584: Incorrect security UI in Downloads. Reported by @retsew0x01 on 2021-05-26

[$N/A][1023503] Medium CVE-2021-30585: Use after free in sensor handling. Reported by niarci on 2019-11-11

[$TBD][1201032] Medium CVE-2021-30586: Use after free in dialog box handling on Windows. Reported by kkomdal with kkwon and neodal on 2021-04-21

[$N/A][1204347] Medium CVE-2021-30587: Inappropriate implementation in Compositing on Windows. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2021-04-30

[$5000][1195650] Low CVE-2021-30588: Type Confusion in V8. Reported by Jose Martinez (tr0y4) from VerSprite Inc. on 2021-04-04

[$3000][1180510] Low CVE-2021-30589: Insufficient validation of untrusted input in Sharing. Reported by Kirtikumar Anandrao Ramchandani (@Kirtikumar_A_R) and Patrick Walker (@homesen) on 2021-02-20

The post Google Chrome updated to 92.0.4515.107 to enhance security and reduce power consumption appeared first on InfoTech News.



Source link

RELATED ARTICLES

New infosec products of the week: July 23, 2021

Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks Stellar Cyber introduced a...

Kaseya Gets Universal Decryptor to Help REvil Ransomware Victims

Nearly three weeks after Florida-based software vendor Kaseya was hit by a widespread supply-chain ransomware attack, the company on Thursday said it obtained...

Kaseya obtains REvil decryptor, starts sharing it with afflicted customers • The Register

Software-for-services providers business Kaseya has obtained a "universal decryptor key" for the REvil ransomware and is delivering it to clients. A brief Thursday update...

Most Popular

‘Critical Severity’ Warning for Malware Embedded in Popular JavaScript Library

Security responders are scrambling this weekend to assess the damage from crypto-mining malware embedded in an npm package (JavaScript library) that counts close...

Popular NPM Package Hijacked to Publish Crypto-mining Malware

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over...

Cisco Talos Intelligence Group – Comprehensive Threat Intelligence: Threat Roundup for October 15 to October 22

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 15 and Oct. 22. As with previous roundups, this post...

Recent Comments