Google has released updates for Chrome to fix seven security vulnerabilities – including four classed as high risk – discovered in the browser used by millions around the world.
According to an alert by the United States Cybersecurity & Infrastructure Agency (CISA), attackers could exploit the vulnerabilities in Google Chrome for Windows, Mac and Linux “to take control of an affected system”.
CISA encourages users to update to the latest version of Google Chrome – 102.0.5005.115 – to prevent the security vulnerabilities from being exploited.
The other high-risk vulnerabilities in Google Chrome which the security update fixes are CVE-2022-2010, an out-of-bounds read vulnerability in Chrome’s compositing component and CVE-2022-2011, a UAF vulnerability in ANGLE, an open source, cross-platform graphics engine abstraction layer used in the backend of Chrome.
SEE: A winning strategy for cybersecurity (ZDNet special report)
Full details of how attackers can exploit the high-risk vulnerabilities