If your Google Chrome build is not yet to update automatically, now is a good time to start manual update (opens in new tab)the company said.
Google has released Chrome 104, the next version of its popular browser (opens in new tab) with fixes for some very serious errors.
Chrome 104 has just been released for Windows, Mac, and Linux and fixes a total of 27 errors, 15 of which are of medium severity and seven of high severity. Google says these aren’t currently being exploited in the wild, but that could change any time. The serious bugs affect the Omnibox, Safe Browsing, Dawn WebGPU, and Near Share, and one of the moderate bugs is a side channel information leak issue that affects keyboard input.
Replace U2F API
The Omnibox issue, a memory-related “use after free” error, is tracked as XCVE-2022-2603, with Google reportedly paying a $15,000 bounty to finders. The Safe Browsing error is tracked as CVE-2022-2604 while the Near Share is tracked as CVE-2022-2609.
As usual, Google is tight-lipped until most of the endpoints are patched.
For Chrome 104, Google has also replaced the U2F API, the original security key API for Chrome, with Web Authentication (WebAuthn) API.
The latter has been standard for about three years, but despite its existence, some websites will still need to migrate to the new API.
- Get ultimate device protection with the best antivirus (opens in new tab)
Through: ZDNet (opens in new tab)