Categories

Ada 28 Kerentanan Keamanan Diperbaiki di Google Chrome 99

Beberapa waktu lalu Google Chrome mendapatkan pembaruan versi 99 (99.0.4844.51) yang mana didalam versi ini ada sejumlah kerentanan keamanan yang telah ditutup dan diperbaiki.

Dilansir dari halaman Chromium blog, dari 28 total kerentanan yang diperbaiki, 11 diantaranya diklasifikasi sebagai high severity, 15 diantaranya medium, dan 2 diantaranya adalah low.

Beberapa diantaranya adalah sebagai berikut:

  • [$10000][1289383] High CVE-2022-0789: Heap buffer overflow in ANGLE. Reported by SeongHwan Park (SeHwa) on 2022-01-21
  • [$7000][1278322] High CVE-2022-0791: Use after free in Omnibox. Reported by Zhihua Yao of KunLun Lab on 2021-12-09
  • [$7000][1285885] High CVE-2022-0792: Out of bounds read in ANGLE. Reported by Jaehun Jeong(@n3sk) of Theori on 2022-01-11
  • [$7000][1291728] High CVE-2022-0793: Use after free in Views. Reported by Thomas Orlita on 2022-01-28
  • [$7000][1294097] High CVE-2022-0794: Use after free in WebShare. Reported by Khalil Zhani on 2022-02-04
  • [$5000][1282782] High CVE-2022-0795: Type Confusion in Blink Layout. Reported by 0x74960 on 2021-12-27
  • [$5000][1295786] High CVE-2022-0796: Use after free in Media. Reported by Cassidy Kim of Amber Security Lab, OPPO Mobile Telecommunications Corp. Ltd. on 2022-02-10
  • [$NA][1281908] High CVE-2022-0797: Out of bounds memory access in Mojo. Reported by Sergei Glazunov of Google Project Zero on 2021-12-21
  • [$15000][1283402] Medium CVE-2022-0798: Use after free in MediaStream. Reported by Samet Bekmezci @sametbekmezci on 2021-12-30
  • [$10000][1279188] Medium CVE-2022-0799: Insufficient policy enforcement in Installer. Reported by Abdelhamid Naceri (halov) on 2021-12-12
  • [$7000][1242962] Medium CVE-2022-0800: Heap buffer overflow in Cast UI. Reported by Khalil Zhani on 2021-08-24
  • [$5000][1231037] Medium CVE-2022-0801: Inappropriate implementation in HTML parser. Reported by Micha? Bentkowski of Securitum on 2021-07-20
  • [$3000][1270052] Medium CVE-2022-0802: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-11-14
  • [$3000][1280233] Medium CVE-2022-0803: Inappropriate implementation in Permissions. Reported by Abdulla Aldoseri on 2021-12-15
  • [$2500][1264561] Medium CVE-2022-0804: Inappropriate implementation in Full screen mode. Reported by Irvan Kurniawan (sourc7) on 2021-10-29
  • [$2000][1290700] Medium CVE-2022-0805: Use after free in Browser Switcher. Reported by raven at KunLun Lab on 2022-01-25
  • [$1000][1283434] Medium CVE-2022-0806: Data leak in Canvas. Reported by Paril on 2021-12-31
  • [$TBD][1287364] Medium CVE-2022-0807: Inappropriate implementation in Autofill. Reported by Alesandro Ortiz on 2022-01-14
  • [$TBD][1292271] Medium CVE-2022-0808: Use after free in Chrome OS Shell. Reported by @ginggilBesel on 2022-01-29
  • [$TBD][1293428] Medium CVE-2022-0809: Out of bounds memory access in WebXR. Reported by @uwu7586 on 2022-02-03

Jika kita lihat, pundi pundi dolar yang didapat dengan melaporkan bug ini, bahkan tingkat bug tertinggi mendapatkan $10000 USD, dan itu sangat banyak loh.

Nah karena berisi perbaikan yang cukup penting dan juga banyak, ada baiknya kamu memperbarui versi Google Chrome kamu ke versi 99 ini.

Namun sedikit informasi, proses update di halaman chrome://settings/help tampaknya sedang mendapati error, sehingga sementara ini kita tidak bisa memperbarui browser melalui halaman tersebut. Solusinya adalah mendownload installer Google Chrome dari halaman berikut, kemudian menginstallnya secara manual.

Via : DeskModder

Written by

Gylang Satria

Penulis, Pengguna Windows 11, Elementary OS, dan Iphone SE 2020. Tag @gylang_satria di Disqus jika ada pertanyaan.

Post navigation