Google formed Cchrome 104.0.5112.101, in which Fixed 10 vulnerabilities, including critical vulnerability (CVE-2022-2852), which allows you to circumvent all levels of browser protection and execute the code in the system outside Sandbox-rejection. Details so far are not revealed , it is only known that critical vulnerability is associated with an appeal to the already released memory (use-api) in the implementation of the API fedcm (Federal Crediential Management), which allows you to create combined identification services and work without inter -shit detachment mechanisms, such as processing by third -party work. /p>
Of other corrected vulnerabilities, you can note problems with the already released memory in the Swiftshader rendering system, the Blink, OS Shell, linking to the Google entrance and the layer angle .
In addition, the update is eliminated by the overflow of the buffer in the download code, shortcomings in Extensions API and incorrect verification of input data in the application call mechanism from Web-pages ( Intents ).