Google has released Chrome 87 security update (87.0.4280.141) for Windows, Mac and Linux with fixes for 16 vulnerabilities. The tech giant also released a Chrome browser update for Android.
An attacker could exploit these vulnerabilities to take control of impacted systems.
Google patched the following 12 High severity vulnerabilities, as reported by external researchers:
- CVE-2021-21106: Use after free in autofill.
- CVE-2021-21107: Use after free in drag and drop.
- CVE-2021-21108: Use after free in media.
- CVE-2021-21109: Use after free in payments.
- CVE-2021-21110: Use after free in safe browsing.
- CVE-2021-21111: Insufficient policy enforcement in WebUI.
- CVE-2021-21112: Use after free in Blink.
- CVE-2021-21113: Heap buffer overflow in Skia.
- CVE-2020-16043: Insufficient data validation in networking.
- CVE-2021-21114: Use after free in audio.
- CVE-2020-15995: Out of bounds write in V8.
- CVE-2021-21115: Use after free in safe browsing.
Moreover, one other Medium vulnerability was also patched. None of the vulnerabilities had any known public exploits at the time of the publication on January 6.
Readers can check out the Google Chrome 87.0.4280.141 security advisory for more details.
Finally, Google also released Chrome 87 (87.0.4280.141) for Android.