Considering the severity of the threat, Google has issued its fourth urgent upgrade warning in 2 months. In this warning, Google states that the users must update their Chrome browser to version 92.0.4515.159 which will roll out over the coming days/weeks.
“This release includes stability and performance improvements”, said Google.
Following the standard protocol, Google has currently given little away about the vulnerabilities. This is the company’s attempt to limit information about these bugs to hackers and to protect its users. The company credited various external researchers for helping spot these vulnerabilities. As of now, Google has listed the following details:
- High — CVE-2021-30598: Type Confusion in V8. Reported by Manfred Paul
- High — CVE-2021-30599: Type Confusion in V8. Reported by Manfred Paul
- High — CVE-2021-30600: Use after free in Printing. Reported by 360 Alpha Lab
- High — CVE-2021-30601: Use after free in Extensions API. Reported by 360 Alpha Lab
- High — CVE-2021-30602: Use after free in WebRTC. Reported by Cisco Talos
- High — CVE-2021-30603: Race in WebAudio. Reported by Google Project Zero
- High — CVE-2021-30604: Use after free in ANGLE. Reported by SecunologyLab
based on the Chromium project and developed for Chrome and other browsers including Microsoft Edge, Brave, Opera, and Vivaldi.
is the technology that enables transferring video and audio streaming data between mobile apps and browsers.
is Google’s open-source, cross-platform graphics engine abstraction layer.
In order to protect themselves from these new threats, all Chrome users must navigate to Settings > Help > About Google Chrome. If the browser version on Linux, macOS, and Windows is listed as 92.0.4515.159 or above, the user is safe. If not, the About screen will prompt the user to update and restart the browser.