Chrome 98.0.4758.102 security update with patch for actively exploited vulnerability
Google published the web browser Chrome 98.0.4758.102 to the Stable channel on February 14, 2022. The new Chrome version fixes several security issues, one of which is exploited actively according to Google.
Chrome installations should receive the update automatically over time. Administrators and users who don't want to wait for this to happen may run a manual check for updates to install the patches immediately.
To do so, select Menu > Help > About Google Chrome or load chrome://settings/help directly in the web browser's address bar. The page that opens displays the currently installed version of the web browser, and runs a check for updates. If an update is found, it will be downloaded and installed automatically.
Google confirms on the company's Google Chrome Releases blog that 11 security issues are fixed in the new Google Chrome version. The highest severity rating is high, the second-highest after critical.
Google mentions only the security vulnerabilities that external researches have discovered: eight of the eleven security issues were discovered by non-Google employees.
[$15000] High CVE-2022-0603: Use after free in File Manager. Reported by Chaoyuan Peng (@ret2happy) on 2022-01-22
[$7000] High CVE-2022-0604: Heap buffer overflow in Tab Groups. Reported by Krace on 2021-11-24
[$7000] High CVE-2022-0605: Use after free in Webstore API. Reported by Thomas Orlita on 2022-01-13
[$7000] High CVE-2022-0606: Use after free in ANGLE. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-01-17
[$TBD] High CVE-2022-0607: Use after free in GPU. Reported by 0x74960 on 2021-09-17
[$NA] High CVE-2022-0608: Integer overflow in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-11-16
[$NA] High CVE-2022-0609: Use after free in Animation. Reported by Adam Weidemann and Clément Lecigne of Google's Threat Analysis Group on 2022-02-10
[$TBD] Medium CVE-2022-0610: Inappropriate implementation in Gamepad API. Reported by Anonymous on 2022-01-08
The vulnerability CVE-2022-0609, Use after free in Animation, is actively exploited according to Google. Google does not mention how widespread the attacks are. Chrome users may want to update to the latest version as soon as possible to protect their browsers and data from potential attacks targeting the vulnerability.
It is unclear if other Chromium-based browsers are affected. Since the vulnerability is related to Animation, it seems likely that other Chromium-based browsers are also affected by it. Expect security updates for these browsers as well in the coming days and weeks (if affected).
Now You: when do you update your browsers?
Every new Chrome update is welcome! By the way, off the topic, anyone has noticed the weird problem “with context menu highlight too small” related to W11? I am dealing with this bizarre bug several months and I am very frustrating. My netbook’s screen is not too wide and it’s horrible to work with Libreoffice several hours, amazingly frustrating W11 visual style OMG! :[
This is exactly the problem I am talking about:
PS. W11 + Valinet Explorer Patcher (well configured) = 99% W10, a must have!
Actively exploited. Only hearing that all the time with Chrome.
Chrome, together with Safari, are the only browsers with significant market share. Of course they are the most attacked…
This is not an excuse.
You can be more secure than your competitors, but more issues can and will be found if you are being scrutinized heavily due to high market share. I am just saying it how it is.
This not only affect Google Chrome but other forks – Brave, Vivaldi, Edge etc as well. And it doesn’t stop there – Android System Webview is affected as well. Well done Google.
I always try to see at the blogs or on Ghacks.net what is happening good – or bad with the update.
When I am not totally sure I always look at the severity of the security patches and when
the update, that I am not totally sure about, is mostly security update related I update.
Something completely different I noticed at the end of this page.
Since 2005 I have never seen a previous article (it’s the complete article: Microsoft Defender gets better at preventing Windows passwords from being stolen) at the end of the new article behind the “Leave a reply section” / Post comment section?
Also, I noticed that with the next article ” Vivaldi adds a sidebar panel to manage the Reading List with new options” the same is going on because the article “Chrome 98.0.4758.102 security update with patch for actively exploited vulnerability” is added on?
Is this a new thing/future?
yes, I noticed it too
please don’t add content one isn’t looking for
Started today for me, semi-infinite scrolling or something.
Yes, 2 articles on one page…
This is not nice, because I often save pages for later use.
And the comments collapse when refreshing. :(
So much for chrome being secure.?.!!.
The code will end up like a persian rug with so many patches.
Just proves the google hyperbole is a load of crap.
@computer said no
Firefox ain’t any more secure, buddy.
An article which is first completely biased and second is inaccurate in 2022, yeah that’s the article from where conclusion should be drawn between Firefox and Chrome.
Do you think Project Fission is a fix for all the issues listed there? If so, LOL. It barely fixes one issue.
The article is not inaccurate at all, deal with it.
If you think that way, then good. Nothing wrong in having a different opinion.
I remember back in 2008 up to 2011 when Chrome was lightning fast and lightweight, but now it feels so slow and bloated. It’s the main reason I replaced it with another Chromium browser, second reason is that Google like to make irreversible changes like that thing where the browser determines what download is safe and what isn’t and when it does, it completely refuses to download something, not even a warning and you’re left wondering if something is broken or what.
Windows Defender/Security/Safety Experience/Whatever loves to blast bat files into oblivion. I blasted it into oblivion long ago; too slow, too stupid.
Can you send me the new update link please