Chrome 87.0.4280.141 solves 16 vulnerabilities

Recently became known the release of a Chrome web browser fix version 87.0.4280.141, version that manages to solve 16 vulnerabilities of which 12 problems are marked as dangerous.

As such, no critical issues have been identified. that allow you to bypass all levels of browser protection and run code on your system outside of the sandbox environment.

This update includes 16 security fixes. Below, we highlight the corrections contributed by external researchers. see the Chrome security page for more information.

Access to links and bug details may remain restricted until most users are updated with a fix. We will also maintain the restrictions if the bug exists in a third-party library that other projects similarly depend on, but has yet to be fixed.

And as the Chrome developers mention, not all information about the vulnerability is disclosed:

  • [1148749] High CVE-2021-21106
  • [1153595] High CVE-2021-21107
  •  [1155426] High CVE-2021-21108
  • [1152334] High CVE-2021-21109
  •  [1152451] High CVE-2021-21110
  •  [1149125] High CVE-2021-21111: Insufficient policy compliance in WebUI.
  •  [1151298] High CVE-2021-21112
  •  [1155178] High CVE-2021-21113: Stack buffer overflow on Skia. 
  •  [1148309] High CVE-2020-16043: Insufficient data validation on the network.
  •  [1150065] High CVE-2021-21114
  •  [1157790] High CVE-2020-15995: Write out of bounds in V8. 
  • [1157814] High CVE-2021-21115
  • [1151069] Medium CVE-2021-21116: Audio stack buffer overflow. 

In addition, the update of the significant increase of the rewards is mentioned cash for identifying vulnerabilities.

And it is that in this corrective version due to the discovery of vulnerabilities for the current version, Google has paid out 13 prizes worth $ 111,000 (three prizes of $ 20,000, two prizes of $ 15,000, two prizes of $ 7500, and a premium of $ 6000)

The biggest rewards were paid for detecting free after-use vulnerabilities in the code related to auto-fill, drag-and-drop fields, and media processing. A $ 15,000 reward was awarded for using after free vulnerabilities in Payment API and SafeBrowsing mode.

Finally, if you are interested in knowing more about it about this corrective release and its rewards, you can check the following link.

How to install or update to the new version of Google Chrome?

Google developers mention that it is important that users update the browser as soon as possible and to be able to update to the new version of the browser on their systems, They can do so by following the instructions we share below.

The first thing to do is check if the update is already available, for it you have to go to chrome: // settings / help and the notification that there is an update will appear.

If this is not the case, you must close your browser and they must download the package from the official Google Chrome page, so they must go to to the following link to get the package.

Or from the terminal with:

wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb

Done the package download they can do direct installation with their preferred package manager, or from the terminal they can do it by typing the following command:

sudo dpkg -i google-chrome-stable_current_amd64.deb

And in case you have problems with dependencies, you can solve them by typing the following command:

sudo apt install -f

In the case of systems with support for RPM packages such as CentOS, RHEL, Fedora, openSUSE and derivatives, you must download the rpm package, which can be obtained from the following link. 

Done the download they must install the package with their preferred package manager or from the terminal they can do it with the following command:

sudo rpm -i google-chrome-stable_current_x86_64.rpm

In the case of Arch Linux and systems derived from it, such as Manjaro, Antergos and others, we can install the application from the AUR repositories.

So that must have an AUR assistant installed on their systems, You can check the following link where I share some of them.

They simply have to type the following command in the terminal:

yay -S google-chrome

And that's it, you will have already installed or updated Google Chrome on your system.


The content of the article adheres to our principles of editorial ethics. To report an error click here!.

Be the first to comment

Leave a Comment

Your email address will not be published.

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.