Google has issued an update for the Chrome browser which includes 26 security fixes. What stands out is that one of these fixes is rated as "critical". The critical vulnerability is a use after free bug in the Safe Browsing feature.
The Stable channel has been updated to 97.0.4692.99 for Windows, Mac and Linux which will roll out over the coming days/weeks. Extended stable channel has also been updated to 96.0.4664.110 for Windows and Mac which will roll out over the coming days/weeks
Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). The vulnerability in Safe Browsing that was rated critical has been assigned CVE-2022-0289. While Chrome vulnerabilities are rarely rated critical, this is already the second one this year. The previous one (CVE-2022-0096) was another use after free vulnerability that could lead to remote code execution (RCE). Only that one affected all Chromium based browsers.
The vulnerability in Safe Browsing was reported by Sergei Glazunov of Google Project Zero on 2022-01-05. Project Zero is a team of security researchers at Google who study zero-day vulnerabilities in widely used hardware and software systems. This team also found a use after free vulnerability in Site Isolation, which is another Chrome security feature that acts as a sandbox to offer additional protection against some types of security bugs. The Site Isolation vulnerability was rated as high and not critical, because the exploitability is limited to the browser.
The vulnerability in Safe Browsing does not require any user interaction after the user has visited a malicious website that exploits this vulnerability. Any RCE vulnerability has the potential to take over the affected browser, which in this case could potentially lead to a complete system take-over.
Google Safe Browsing is a service that shows warnings to users when they attempt to navigate to dangerous sites or download dangerous files. Safe Browsing also notifies webmasters in case their websites are compromised by malicious actors and helps them diagnose and resolve the problem. And Google’s Ads Security team uses Safe Browsing to make sure that Google ads do not promote dangerous pages.
Many browsers like Google Chrome, Safari, Firefox, Vivaldi, and Brave use the lists of URLs for web resources that are known to contain malware or phishing content. These lists are provide by the Safe Browsing service. Google also provides a public API for the Safe Browsing service.
Use after free
Use after free (UAF) is a vulnerability that results from the incorrect use of dynamic memory during a program’s operation. If, after freeing a memory location, a program does not clear the pointer to that memory, an attacker can use the error to manipulate the program.
How to protect yourself
If you’re a Chrome user, you should update to version 97.0.4692.99 as soon as possible.
The easiest way to update Chrome is to allow Chrome to update automatically, which basically uses the same method as outlined below but does not require your attention. But you can end up lagging behind if you never close the browser or if something goes wrong, such as an extension stopping you from updating the browser.
So, it doesn’t hurt to check now and then. And now would be a good time, given the severity of the vulnerability. My preferred method is to have Chrome open the page chrome://settings/help which you can also find by clicking Settings > About Chrome.
If there is an update available, Chrome will notify you and start downloading it. Then all you have to do is relaunch the browser in order for the update to complete.
Stay safe, everyone!