New Chrome update fixes 11 security vulnerabilities
Updated to version 103.0.5060.134
Google has released a new security update for the Chrome browser. This eliminates 11 vulnerabilities, including at least five high-risk ones.
A new security update for Google’s Chrome browser is here. the Version 103.0.5060.134 for Windows, Mac and Linux eliminates eleven vulnerabilities that the company or external security researchers have discovered. Six of the vulnerabilities originate from Google itself, the others were discovered externally by Sergei Glazunov, YoungJoo Lee, Chaoyuan Peng, triplepwns and anonymous researchers.
Google classifies at least five of the vulnerabilities found as having a “high” risk. Most of them are so-called use-after-free (UAF) vulnerabilities. These use non-removed pointers to already deleted data in the dynamic memory (heap). Attackers can use this to corrupt data, crash programs, or execute malicious code.
The update closes UAFs in guest access, PDFs and the service worker API, for example. As usual, Google remains silent about the internally found vulnerabilities.
One shows that the update should be installed as quickly as possible Report from the US agency CISA (Cybersecurity & Infrastructure Security Agency). In it, CISA explicitly recommends that end users and administrators inform about the update and install it if necessary.
As usual, the new Chrome version should be installed automatically when the browser is restarted with the default settings. If you prefer to install the update manually, you can also download version 103.0.5060.134 in the customization menu under “Help -> About Google Chrome”.
Continue to home page