Google releases Chrome security update (88.0.4324.182)

Google has released Chrome 88 security update (88.0.4324.182) for Windows, Mac and Linux with fixes for ten vulnerabilities.

An attacker could exploit these vulnerabilities to take control of impacted systems.

As part of the Chrome security update, Google patched ten vulnerabilities in all, eight of those rated High severity.

The eight patched High severity vulnerabilities discovered by external researchers include:

1. CVE-2021-21149: Stack overflow in Data Transfer.
2. CVE-2021-21150: Use after free in Downloads.
3. CVE-2021-21151: Use after free in Payments.
4. CVE-2021-21152: Heap buffer overflow in Media.
5. CVE-2021-21153: Stack overflow in GPU Process.
6. CVE-2021-21154: Heap buffer overflow in Tab Strip.
7. CVE-2021-21155: Heap buffer overflow in Tab Strip .
8. CVE-2021-21156: Heap buffer overflow in V8.

Moreover, Google patched a Medium severity ‘Use after free in Web Sockets’ vulnerability CVE-2021-21157.

None of the listed vulnerabilities had known public exploits at the time of the Google advisory. However, readers should note Google did warn about a previous Chrome vulnerability CVE-2021-21148 exploited in the wild and patched earlier this month.

Related Articles

• Google patches Chrome zero-day (CVE-2021-21148) exploited in the wild
• Google releases Chrome security update (88.0.4324.96)
• Microsoft January 2021 Security Updates (to include zero-day RCE patch)
• Mozilla releases Firefox 84.0.2, fix for critical vulnerability (CVE-2020-16044)