- 168/2022
- High
Google Chrome has released security updates for Windows versions (104.0.5112.79/80/81) and for Linux and Mac versions (104.0.5112.79). The remote attacker could exploit some of these vulnerabilities to take control of the affected system, obtain information and cause a denial of service.
Samples of the addressed vulnerabilities:
- Google Chrome Safe Browsing code execution (CVE-2022-2604):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
- Google Chrome Nearby Share code execution (CVE-2022-2609):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
Consequences: Gain Access
Vulnerabilities
- CVE-2022-2603
- CVE-2022-2604
- CVE-2022-2605
- CVE-2022-2606
- CVE-2022-2607
- CVE-2022-2608
- CVE-2022-2609
- CVE-2022-2610
- CVE-2022-2611
- CVE-2022-2614
- CVE-2022-2615
- CVE-2022-2616
- CVE-2022-2617
- CVE-2022-2618
- CVE-2022-2619
- CVE-2022-2620
- CVE-2022-2621
- CVE-2022-2622
- CVE-2022-2612
- CVE-2022-2613
- CVE-2022-2623
- CVE-2022-2624
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.