Google Chrome 108 security update fixes 8 security issues
Google released another point release update for Google Chrome 108 Stable that addresses 8 security issues in the web browser. This is the second security update for Chrome 108, which itself fixed 28 security issues in the browser as well.
The first Chrome 108 point release update fixed a security issue that was exploited in the wild at the time. The new Chrome update, released today, fixes issues that do not appear to be exploited yet, as Google makes no mention of that on the Chrome Releases website.
Chrome 108: second security update
The security update is already available for all supported desktop operating systems and for Android. As usual, it is possible to download the update immediately on desktop systems by opening chrome://settings/help in the browser's address bar.
Chrome displays the installed version on the page and runs a check for updates. Any update found is downloaded and installed automatically. A restart is required to complete the update.
The following versions of Chrome should be displayed after installation of the update:
- Chrome for Mac and Linux: 108.0.5359.124
- Chrome for Windows: 108.0.5359.124 or 108.0.5359.125
- Chrome Extended for Mac:108.0.5359.124
- Chrome Extended for Windows: 108.0.5359.125
- Chrome for Android: 108.0.5359.128
Just compare the version shown on the Help Settings page with the listed version above.
Google reveals information about five of the eight security issues on the blog. The company does not disclose security issues that it discovered internally. There is no critical security issue, but four are rated high and one is rated medium.
[$7000] High CVE-2022-4436: Use after free in Blink Media. Reported by Anonymous on 2022-11-15
[$6000] High CVE-2022-4437: Use after free in Mojo IPC. Reported by koocola(@alo_cook) and Guang Gong of 360 Vulnerability Research Institute on 2022-11-30
[$1500] High CVE-2022-4438: Use after free in Blink Frames. Reported by Anonymous on 2022-11-07
[$TBD] High CVE-2022-4439: Use after free in Aura. Reported by Anonymous on 2022-11-22
[$3000] Medium CVE-2022-4440: Use after free in Profiles. Reported by Anonymous on 2022-11-09
Desktop versions of Chrome and the Android version are affected by the security issues. Administrators may want to update Chrome to the new version as soon as possible to protect devices against potential attacks targeting the security issues. The next major Chrome release is scheduled for January 10, 2023.
Expect other Chromium-based browsers to release updates as well to fix the issues in their browsers.
Already putting the acting job of the Firefox promoters here so that they don’t have to overexert themselves.
Indeed, instead of taking personal responsibility, it is always preferable to blame others. Chrome has security problems? No problem at all, just say wHaT AbOuT FiReFoX? Thank you brother Iron Heart!
Keep trolling. That’s why so why so many of your posts get deleted
We get it. You love Firefox. This is a story about Chrome, not Firefox.
Better to have fixed than hidden vulnerabilities because nobody uses software (Firefox)
Yes! It’s better to have more vulnerabilities, than use software which is not as popular! As if! It’s also always better to have the mentality of a mean girl in high school than an adult with a job! Well said brother Chroman!
Go promote Firefox in stories about Firefox, not stories about Chrome
Some pre-prepared excuses for Google Fanboys when yet another security vulnerability is found.
1, Firefox is less secure than Chrome because it has less users, remember less users=more vulnerabilities.
2. Firefox takes search money from Google, so security vulnerabilities don’t matter. Don’t worry about other Chrome clones that also get money from Google search.
3. Firefox is allegedly woke and tolerates Gays getting married, therefore security vulnerabilities don’t matter. Remember more woke=more vulnerabilities.
4. Maidian. His word is the word of God. Do not question God.