Google and Microsoft have updated their Chrome and Edge browsers, fixing several security vulnerabilities. A total of eight vulnerabilities have been fixed, but another update for Microsoft Edge is still pending and will follow shortly. Both Chromium browsers now have version number 102.

Google closes eight vulnerabilities

While Mozilla is still evaluating version 102 as beta version, the two Chromium-based browsers Google Chrome and Microsoft Edge have released versions 102.0.5005.115 and 102.0.1245.39 for the Windows, Linux and macOS operating systems and several vulnerabilities have been classified as high risk.

The official release notes list seven vulnerabilities, six of which were classified as severe, but for security reasons four vulnerabilities are listed.

Google Chrome 102.0.5005.115

• CVE-2022-2007: Use after free in WebGPU. [High]
• CVE-2022-2008: Out of bounds memory access in WebGL. [High]
• CVE-2022-2010: Out of bounds read in compositing. [High]
• CVE-2022-2011: Use after free in ANGLE. [High]

The available update is currently being rolled out via the Extended Stable Channel. According to Google, further information will be published on the Chrome Security website soon.

Chrome updates are available through the built-in update functionality. They are usually downloaded and installed automatically. If you do not want to wait, you can also initiate the update manually under Help » About Google Chrome.

Chrome on UpdateStar | Download

Microsoft Edge 102.0.1245.39

With the update to Edge 102.0.1245.39, Microsoft fixes a security gap specific to the browser, but has so far missed the security updates of the Chromium basis. It can therefore be assumed that Edge will receive another update soon, which will also include security patches for the Google Chrome specific issues.

In the Security Update Guide, Microsoft goes into more detail about the browser's vulnerability regarding CVE-2022-22021. Under certain circumstances it allows remote code execution and to launch malware on the system.