New Google Chrome Update Fixes Key Security Vulnerabilities 

A new fix for the Google Chrome browser is fixing seven critical security vulnerabilities.

Four of these vulnerabilities were termed high-risk by the U.S. Cybersecurity & Infrastructure Agency (CISA).

The agency is asking all users to download the newest iteration of Chrome (v102.0.5005.115) to keep themselves protected.

The new Chrome fix is available for Windows, Mac, and Linux users affected by these vulnerabilities

According to CISA, these vulnerabilities on Chrome are present on Windows, Linux, and Mac versions of the browser.

So users who have auto-update enabled for Chrome should be safe already.

Among the high-risk vulnerabilities are 1. CVE-2022-2007 2. CVE-2022-2008 3. CVE-2022-2010 4. CVE-2022-2011.

The CVE-2022-2007 is a UAF (Use-After-Free) vulnerability present in WebGPU, enabling attackers to exploit the wrong use of dynamic memory during program operation and eventually hack the program.

Meanwhile, Google defines CVE-2022-2008 as “Out of bounds memory access in WebGL.”

CVE-2022-2010 is an out-of-bounds read vulnerability within the browser.

The fourth high-risk vulnerability, CVE-2022-2011, is a UAF vulnerability within the cross-platform graphics engine extraction layer (ANGLE).

Google isn’t offering the full picture of how attackers could exploit the vulnerability.

The CISA added 36 security vulnerabilities to its catalog last week

Last week, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 36 new security vulnerabilities to its lengthy catalog.

These newly discovered vulnerabilities belong to a varied group of companies and brands, including Adobe, Cisco, Google, Microsoft, Netgear, and QNAP, etc.

How to Use Google Maps to Find Fresher Air