Chrome releases security updates for multiple vulnerabilities
Google have released security updates for Chrome which reveals another zero-day vulnerability along with 10 other vulnerabilities. This is similar to previous Chrome issues seen earlier this year. A zero-day vulnerability means a security bug has existed with no patch available, leaving systems open to cyber-attacks.
Use this guidance to learn more about the vulnerability, if you’re affected, and what you need to do.
About this update
The security update which released earlier this week includes a total of 11 fixes, the majority of which have been given a severity score of High. The most severe being a vulnerability which belongs to the Use-After-Free (UAF) class, making the issue related to memory being used incorrectly in applications.
What is affected?
If you use one of the following Chrome versions on Windows, Mac, or Linux, this vulnerability may impact you:
- Chrome versions on Mac and Linux before 104.0.5112.101.
- Chrome versions on Windows before 104.0.5112.102/101.
What you need to do
The vendors of these applications have released security patches to address this vulnerability. We have alerted those in an IT support role at the University.
If you own a device which uses one of the browsers listed above, you can update them now or they will update automatically in the coming days/weeks.
If you use a University-managed device, no action will be needed as they will also update automatically.