June 23, 2022 

Google has patched 3 remote code execution vulnerabilities in Chrome

 The newly released Chrome version 103.0.5060.53 for Windows, Mac and Linux addresses 14 vulnerabilities overall. 

The Vulnerabilities

• CVE-2022-2156, Critical severity – ‘Use after free’ in ‘Base’. 
• CVE-2022-2157, High severity – Use after free in ‘Interest groups’. 
• CVE-2022-2161, Medium severity – Use after free in ‘WebApp Provider’. 

 Successful exploitation of these vulnerabilities may lead to Remote Code Execution, and potentially – full system compromise. 

Affected Products

 Chrome for Desktop prior to version 103.0.5060.53. 

Mitigation

 CYREBRO recommends updating browsers to the latest Chrome version, 103.0.5060.53 for Windows, Mac and Linux. 

 References: Google Chrome Advisory.