Google announced the release of Chrome 103 to the stable channel with patches for a total of 14 vulnerabilities, including nine reported by external researchers.
CVE-2022-2156, which is described as a critical-severity use-after-free issue in Base.
Leading to arbitrary code execution, corruption of data ,use-after-free flaws are triggered when a program frees memory allocation but does not clear the pointer after that.
Chrome 103 resolves three other use-after-free vulnerabilities found by external researchers, impacting components such as
- Interest groups (CVE-2022-2157, high severity)
- WebApp Provider (CVE-2022-2161, medium severity)
- Cast UI and Toolbar (CVE-2022-2163, low severity).
New Version Chrome 103
The new version of Google’s Chrome web browser introduces support for a new prerendering technology.
Google believes will improve Chrome’s page loading speed significantly.
- Improved autofill of fields with credit and debit payment card numbers, now supporting cards saved through Google Pay.
- The Windows version uses the built-in DNS client by default, which is also used by the macOS, Android, and Chrome OS versions.
- Stabilized and offered to all API Local Font Access , with which you can determine and use the fonts installed on the system, as well as manipulate fonts at a low level (for example, filter and transform glyphs).
- The implementation of the popstate event has been aligned with the behavior of Firefox. The popstate event now fires immediately after a URL change without waiting for the load event to fire.
- For pages opened without HTTPS and from iframe blocks, access to the Gamepad API and Battery Status API is prohibited.
Finally latest Chrome release is currently rolling out to Windows, Mac, and Linux users as version 103.0.5060.53.