Google has released the second security update for Chrome 81 in the last two weeks. After Chrome 81 appeared, there was a first update to fix a vulnerability in speech recognition classified as critical. The second update follows this week, which is intended to eliminate eight gaps.
Chrome Security Update
Google publishes hardly any details about the vulnerabilities in a warning message. They want to give attackers as little information as possible. So they want to enlarge the time window in which users can install the secured version without fear of attacks. The brief descriptions of the gaps that attackers could bring malicious code to computers and execute them through memory errors.
For example, the update takes place automatically in the background when you close the browser and open it again. If an update is available for installation, the three point menu is displayed in the top right. For example, if it is highlighted in red, the update was released over a week ago but has not yet been installed. In such a case, open the menu and click on Update Chrome. The program requires OS X and supports dark mode from macOS Mojave. Chrome 81 has been delayed due to the corona virus situation. Chrome 82 is skipped, the other version continues in May. Until then, several bug fixes and security updates for Chrome 81 will appear.
In the Chrome Blog, there is a list of the vulnerabilities that were discovered by external security researchers and reported to Google. Google classifies all these gaps as high risk. One of these weaknesses is a use after free gap in the payments module. The other gaps concern the integrated PDF viewer and the insufficient checking of imported data when formatting URLs. For this, Google pays the researchers almost 50.000 dollars. As always, Google is silent about the security gaps found internally.