Google has released Chrome 88 security update (88.0.4324.96) for Windows, Mac and Linux with fixes for 36 vulnerabilities. The tech giant also released a Chrome browser update for Android.
An attacker could exploit these vulnerabilities to take control of impacted systems.
As part of the Chrome security update, Google patched one Critical vulnerability CVE-2021-21117, an ‘Insufficient policy enforcement in Cryptohome.’
In addition, Google also fixed nine High severity vulnerabilities, as reported by external researchers:
- CVE-2021-21118: Insufficient data validation in V8.
- CVE-2021-21119: Use after free in Media.
- CVE-2021-21120: Use after free in WebSQL.
- CVE-2021-21121: Use after free in Omnibox.
- CVE-2021-21122: Use after free in Blink.
- CVE-2021-21123: Insufficient data validation in File System API.
- CVE-2021-21124: Potential user after free in Speech Recognizer.
- CVE-2021-21125: Insufficient policy enforcement in File System API.
- CVE-2020-16044: Use after free in WebRTC.
Moreover, Google addressed 10 Medium and 6 Low severity vulnerabilities also discovered by external researchers. None of the vulnerabilities had any known public exploits at the time of the publication on January 19.
Finally, Google also released Chrome 88 (88.0.4324.93) for Android that includes stability and performance improvements.