Chrome 105.0.5195.52/53/54 for Windows available
Google has fixed 24 vulnerabilities, one of which is classified as critical.
With Chrome 105.0.5195.52/53/54 for Windows (105.0.5195.52 for macOS and Linux), Google offers the 105th generation of its browser. In the new main version, the developers have eliminated 24 vulnerabilities. Options for manipulating the clipboard are currently the subject of discussion.
The Chrome Releases Blog lists those 21 of the 24 fixed vulnerabilities that were discovered by external researchers and reported to Google. A 0-day vulnerability is not included this time.
Google classifies one of the vulnerabilities (CVE-2022-3038 in the Network Service) as critical and another eight as high risk. Many are use-after-free vulnerabilities in various browser components, such as WebSQL, Layout, and PhoneHub. Nine gaps are considered medium and three are considered low risk.
Google has not published any details about the internally found security vulnerabilities.
A vulnerability that affects all Chromium-based browsers (Chrome, Edge, Opera, Brave, Vivaldi and others) is currently being discussed among Chromium developers. It is currently possible for a website to read content from the clipboard and write new content to it - possibly without requiring user interaction that can be interpreted as qualified consent. With a bit of criminal energy, scenarios can be implemented in which a fraudulent website could replace credit card or account data that a user wants to transfer to a web form via the clipboard. What a secure solution could look like that does not violate existing interface specifications (API specs) is still the subject of discussion.
Chrome 105.0.5195.68 for Android and Chrome 105.0.5195.69 for iOS have also been released.
Installing the new update is strongly recommended for Chrome users. Chrome updates are available through the built-in update functionality. They are usually downloaded and installed automatically. If you do not want to wait, you can also initiate the update manually under Help ยป About Google Chrome.