Note: Google Chrome stopped release 32-bit builds for linux since Chrome 49. If you are still using 32-bit linux and would like to be protected with the latest security patches as well, you can use Slimjet Web Browser, which is based the Chromium open source project and continues to support 32-bit linux. Apr 18, 2021 Note: Google Chrome stopped release 32-bit builds for linux since Chrome 49. If you are still using 32-bit linux and would like to be protected with the latest security patches as well, you can use Slimjet Web Browser, which is based the Chromium open source project and continues to support 32-bit linux.
User Agent String explained :
Chrome 70.0.3538.77 | |
---|---|
Mozilla | MozillaProductSlice. Claims to be a Mozilla based user agent, which is only true for Gecko browsers like Firefox and Netscape. For all other user agents it means 'Mozilla-compatible'. In modern browsers, this is only used for historical reasons. It has no real meaning anymore |
5.0 | Mozilla version |
Windows NT 10.0 | Operating System: Windows 10 |
Win64 | (Win32 for 64-Bit-Windows) API implemented on 64-bit platforms of the Windows architecture - currently AMD64 and IA64 |
x64 | 64-bit windows version |
AppleWebKit | The Web Kit provides a set of core classes to display web content in windows |
537.36 | Web Kit build |
KHTML | Open Source HTML layout engine developed by the KDE project |
like Gecko | like Gecko... |
Chrome | Name : Chrome |
70.0.3538.77 | Chrome version |
Safari | Based on Safari |
537.36 | Safari build |
Description: | Free open-source web browser developed by Google. Chromium is the name of the open source project behind GoogleChrome, released under the BSD license. |
Last visit: | 2021.08.11 09:19 |
All Chrome user agent strings |
Security flaws and vulnerabilities in popular software and applications have become a constant in the cybersecurity environment. This is especially notable when security flaws can potentially lead to a broader range of consequences for the general public. Oftentimes, this is unfortunately the case.
A software vulnerability can lead to drastically different scenarios e.g depending on the scope of how it will be exploited by malicious actors. On multiple occasions, security flaws have cropped up which allow a cybercriminal to remote control a system by taking advantage of security gaps.
Recently, in particular, a slew of these remote code execution vulnerabilities have been noted by security researchers. These flaws can also be discovered within any app, service, or software product and are in most cases patched (updated) without affecting too many users. However, sometimes simply patching an exploited vulnerability is impossible at the heavy end of the spectrum. To that end, simple vulnerabilities can lead to security flaws like zero-days that can translate to a global threat.
This time, the latest release reports indicate yet another issue with the Google Chrome browser. Google’s widely-used Chrome browser has been particularly in the spotlight because of a steady flow of security vulnerabilities. These specific vulnerabilities have been reported via Google Chrome Releases on August 2nd, 2021.
Seven Vulnerabilities Discovered in Google Chrome
On August 2nd, 2021 it has been reported officially by the ‘Chrome team’ (posted by security researcher Srinivas Sista) on the Google Blog that seven vulnerabilities were discovered in Google’s Chrome Browser. In this instance, all of the vulnerabilities affect the same software versions of Google Chrome and are categorized ranging from medium to high risk as per the CVE (Common Vulnerabilities and Exposures) system. There are a total of 5 high-risk vulnerabilities, and 2 medium-risk vulnerabilities within Google Chrome’s functions.
Description of The Vulnerabilities
A description of the seven vulnerabilities is as follows separated into high and medium risk categories;
High-Risk
- A high-risk heap buffer overflow in the bookmarks function can allow a remote attacker to compromise a vulnerable system
- A high-risk use after free flaw in the file system API that can allow a remote attacker to compromise a vulnerable system
- A high-risk out of bounds write flaw in the tab groups function that can allow a remote attacker to compromise a vulnerable system
- A high-risk out of bounds read in the tab strip function that can allow a remote attacker to compromise a vulnerable system
- A high-risk use after free flaw in the page info UI function that can allow a remote attacker to compromise a vulnerable system
Medium-Risk
- A medium-risk incorrect security flaw in the UI in navigation function that can allow a remote attacker to perform a spoofing attack
- A medium-risk use after free flaw in the browser UI function that can allow a remote attacker to compromise a vulnerable system
Technical Details Surrounding The Vulnerability
The Google Chrome vulnerabilities are classified as follows, along with their respective CVE ID codes;
- CVE-2021-30590 -High
- CVE-2021-30591 -High
- CVE-2021-30592 -High
- CVE-2021-30593 -High
- CVE-2021-30594 -High
- CVE-2021-30596 – Medium
- CVE-2021-30597 – Medium
The vulnerable software version numbers of Google Chrome are as follows;
Google Chrome 70.0.3538.77 Update
The Conclusion
Google Chrome 70.0.3538.77 Version
So far, Google has not officially released any information regarding any exploits resulting from these vulnerabilities. This means that no reported damage to users has resulted as of yet. Furthermore, a patch has since been developed and released that mitigates the above seven vulnerabilities. Users should update to the Chrome stable channel update 92.0.4515.131 as soon as possible for Windows, Mac, and Linux. The update, according to Google, contains 10 security fixes.