Google this week is rolling out an incremental update to Chrome users to address multiple security flaws, including many labeled high risk. One flaw, discovered in the browser’s rendering engine, is rated critical.
Chrome 99 has been around since the beginning of March. In the meantime, researchers have kept busy mining the browser’s code for bugs, not just to keep users safe from hackers, but also to fetch a well-deserved bug bounty.
This week’s release is no different, with Google announcing yet another round of bug fixes for desktop users in an incremental update rolling out worldwide.
“The Stable channel has been updated to 99.0.4844.74 for Windows, Mac and Linux which will roll out over the coming days/weeks,” writes Prudhvikumar Bommana of the Google Chrome team.
The update fixes 11 bugs, most of which exploit dangerous ”use after free” memory corruption scenarios in areas like Extensions, Safe Browsing, Splitscreen, ANGLE and others.
One bug, tracked as CVE-2022-0971, is rated as a criticaluse after free flaw in Chrome’s Blink Layout, reported by Sergei Glazunov of Google Project Zero.
Blink is a rendering engine used by Chrome to transform HTML documents and other resources of a web page into an interactive visual representation on a user’s device.
Google keeps the technicalities tightly under wraps so that it doesn’t end up helping bad actors exploit these flaws.
The web giant has yet to determine the bounty for Glazunov’s critical bug. Considering that the company is awarding upwards of $15,000 for less-critical bugs, Glazunov likely stands to make a handsome dollar for his discovery.
Keeping your browser updated with the latest patches is your best protection. To do so, go to Chrome’s Settings panel and choose About Chrome, at which point the app will fetch the latest update. When prompted, relaunch the app and you’ll be up to speed with the latest security fixes.