Chrome has 3.2 billion users worldwide and now every single one of them needs to act because Google has confirmed multiple new hacks of its browser. Here is everything you need to know to stay safe.
Google released the news on its official blog, confirming 11 successful Chrome hacks have been discovered, nine of which it says pose a ‘High’ threat level. The hacks affect Chrome running on every major platform, including Windows, Mac and Linux.
As for the hacks themselves, they remain top secret with Google warning that “Access to bug details and links may be kept restricted until a majority of users are updated with a fix.” In short, Google is buying users time to protect themselves. Consequently, all we know right now are the threat levels, trackers, areas of exploitation and source:
- High – CVE-2022-1305: Use after free in storage. Reported by Anonymous on 2022-01-07
- High – CVE-2022-1306: Inappropriate implementation in compositing. Reported by Sven Dysthe on 2022-02-21
- High – CVE-2022-1307: Inappropriate implementation in full screen. Reported by Irvan Kurniawan (sourc7) on 2022-03-01
- High – CVE-2022-1308: Use after free in BFCache. Reported by Samet Bekmezci @sametbekmezci on 2021-12-28
- High – CVE-2022-1309: Insufficient policy enforcement in developer tools. Reported by David Erceg on 2020-07-17
- High – CVE-2022-1310: Use after free in regular expressions. Reported by Brendon Tiszka on 2022-03-18
- High – CVE-2022-1311: Use after free in Chrome OS shell. Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-03-28
- High – CVE-2022-1312: Use after free in storage. Reported by Leecraso and Guang Gong of 360 Vulnerability Research Institute on 2022-03-30
- Medium – CVE-2022-1313: Use after free in tab groups. Reported by Thomas Orlita on 2021-11-16
- Medium – CVE-2022-1314: Type Confusion in V8. Reported by Bohan Liu (@P4nda20371774) of Tencent Security Xuanwu Lab on 2022-03-09
Following several high-profile V8 attacks, ‘Use-After-Free’ (UAF) exploits once again dominate the Chrome threats and have now cracked Chrome security approximately 55x in 2022. Moreover, successful Chrome attacks are increasing in frequency — something Google acknowledges but also defends.
For the full Google article, please visit – https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_11.html
Contact Us
If you would like to put your social media requirements in the hands of a company that will take it forward, please contact Footprint Digital on Tel. No. 01883 372488 today.