Google releases Chrome 108 update with fixes for 4 High risk vulnerabilities

Google has released Chrome 108.0.5359.124 for Mac and Linux and 108.0.5359.124/.125 for Windows with a fixes for four High severity vulnerabilities. New security updates for ChromeOS, Chrome for Android, and Chrome for iOS were also published.

An attacker could exploit this vulnerability to take control of impacted systems.

The latest Chrome 108 security update released on December 13, 2022 patched 8 issues, to include the following 4 High risk vulnerabilities:

• CVE-2022-4436: Use after free in Blink Media
• CVE-2022-4437: Use after free in Mojo IPC
• CVE-2022-4438: Use after free in Blink Frames
• CVE-2022-4439: Use after free in Aura.

To add, Google also issued Long Term Support Channel (LTS) Update for ChromeOS to 102.0.5005.193 (Platform Version: 14695.166.0) for most ChromeOS devices.

Released on December 14, 2022, the latest LTS-102 version fixed these High severity issues:

• CVE-2022-4178: Use after free in Mojo
• CVE-2022-4179: Use after free in Audio
• CVE-2022-4181: Use after free in Forms
• CVE-2022-4135: Heap buffer overflow in GPU.

Moreover, Google also released Chrome 108 (108.0.5359.128) for Android, Chrome Stable 108 (108.0.5359.112) for iOS.

Related Articles

• Apple patches vulnerabilities in iOS 16.2, macOS Ventura 13.1 and other products
• Google fixes Chrome 108 zero-day vulnerability (CVE-2022-4262) exploited in the wild
• Microsoft December 2022 Security Updates addresses 53 vulnerabilities (7 Critical, 1 exploited in the wild)