Google Chrome 100 Released – Security Fixes, New Logo & More

After 1 month of the previous chrome version 99, Google has announced the release of chrome version 100. Google also said that this version has an extended stable channel for Mac and Windows.

The new chrome 100.0.4896.60 has a lot of bugs fixed from the previous versions. Features about the new version of both chrome and chromium are yet to be announced by Google.

This new version of chrome has nearly 28 security issues updated. Google also stated, “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed”.

The all-new Chrome 100 for the Stable desktop channel has been released by Google on March 29th, 2022. The new Google Chrome 100 (100.0.4896.60) includes several new additions like:-

  • A new logo
  • Security improvements
  • Development features
  • Many more

Many external security researchers have contributed to these security issues. The bugs and their rewards are:

BountyReport IDSeverityCVEsDescriptionReported By
$ 70001292261HighCVE-2022-1125Use after free in PortalsKhalil Zhani on 2022-01-29
$ 50001291891HighCVE-2022-1127Use after free in QR Code Generatoranonymous on 2022-01-28
$ 50001301920HighCVE-2022-1128Inappropriate implementation in Web Share APIAbdel Adim (@smaury92) Oisfi of Shielder on 2022-03-01
$ 30001300253HighCVE-2022-1129Inappropriate implementation in Full Screen ModeIrvan Kurniawan (sourc7) on 2022-02-24
$ 10001142269HighCVE-2022-1130Insufficient validation of untrusted input in WebOTPSergey Toshin of Oversecurity Inc  on 2020-10-25
$NA1297404HighCVE-2022-1131Use after free in Cast UIAbdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2022-02-15
$TBD1303410HighCVE-2022-1132Inappropriate implementation in Virtual KeyboardAndr Ess on 2022-03-07
$TBD1305776HighCVE-2022-1133Use after free in WebRTCAnonymous on 2022-03-13
$TBD1308360HighCVE-2022-1134Type Confusion in V8Man Yue Mo of GitHub Security Lab on 2022-03-21
$ 160001285601MediumCVE-2022-1135Use after free in Shopping CartWei Yuan of MoyunSec VLab on 2022-01-09
$ 70001280205MediumCVE-2022-1136Use after free in Tab StripKrace on 2021-12-15
$ 50001289846MediumCVE-2022-1137Inappropriate implementation in ExtensionsThomas Orlita on 2022-01-22
$ 20001246188MediumCVE-2022-1138Inappropriate implementation in Web CursorAlesandro Ortiz on 2021-09-03
$TBD1268541MediumCVE-2022-1139Inappropriate implementation in Background Fetch APIMaurice Dauer on 2021-11-10
$TBD1303253MediumCVE-2022-1141Use after free in File Managerraven at KunLun lab on 2022-03-05
$TBD1303613MediumCVE-2022-1142Heap buffer overflow in WebUILeecraso and Guang Gong of 360 Alpha Lab on 2022-03-07
$TBD1303615MediumCVE-2022-1143Heap buffer overflow in WebUILeecraso and Guang Gong of 360 Alpha Lab on 2022-03-07
$TBD1304145MediumCVE-2022-1144Use after free in WebUILeecraso and Guang Gong of 360 Alpha Lab on 2022-03-08
$TBD1304545MediumCVE-2022-1145Use after free in ExtensionsYakun Zhang of Baidu Security on 2022-03-09
$TBD1290150LowCVE-2022-1146Inappropriate implementation in Resource TimingSohom Datta on 2022-01-23

Most of the security bugs were 

  • AddressSanitizer
  • MemorySanitizer
  • UndefinedBehaviorSanitizer
  • Control Flow Integrity
  • libFuzzer
  • AFL.

Want to upgrade your old Chrome, then you have to follow a few simple steps that we have mentioned below:-

  • First of all, you have to go to Settings.
  • Then click on the Help option.
  • After that, you have to select the About Google Chrome option.
  • That’s it, now your browser will automatically check for the new update and install it.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.