Chrome 100 Audit

Find Outdated Chrome Installations

Google released Chrome 100. In this release, Google fixed 28 security issues and added additional features. The new features include:

  • Screen sharing fix for macOS
  • Chrome major version number reaches 100
  • Updates for Legacy Browser Support <open-in> rules
  • Chrome 100 removes the AllowSyncXHRInPageDismissal policy
  • New WebHID enterprise policies
  • Chrome 100 removes Lite Mode on Android
  • Chrome Actions introduced on Android
  • Chrome on Android supports login using QR codes
  • Updates to the Certificate Transparency policy
  • Multi-Screen Window Placement API stable launch
  • Changes to tab-sharing blue border behavior
  • Chrome on iOS users can choose their default website view
  • Chrome adds Google Account-tied tokens to Enhanced Safe Browsing pings
  • Dismiss password alerts on Desktop
  • Chrome expands SCT auditing to more users
  • Chrome no longer supports TLS 1.0/1.1 on Android WebView
  • New and updated policies in Chrome browser

Details on all of these features can be found on the Chrome Status page. As always, Google takes its time with putting our a larger blog post covering the most important changes however, you can find a very brief summary on the Chrome release page.

Regarding security, Google fixed the following vulnerabilities disclosed by external researchers:

  • CVE-2022-1125: Use after free in Portals.
  • CVE-2022-1127: Use after free in QR Code Generator.
  • CVE-2022-1128: Inappropriate implementation in Web Share API.
  • CVE-2022-1129: Inappropriate implementation in Full Screen Mode.
  • CVE-2022-1130: Insufficient validation of untrusted input in WebOTP.
  • CVE-2022-1131: Use after free in Cast UI.
  • CVE-2022-1132: Inappropriate implementation in Virtual Keyboard.
  • CVE-2022-1133: Use after free in WebRTC.
  • CVE-2022-1134: Type Confusion in V8.
  • CVE-2022-1135: Use after free in Shopping Cart.
  • CVE-2022-1136: Use after free in Tab Strip.
  • CVE-2022-1137: Inappropriate implementation in Extensions.
  • CVE-2022-1138: Inappropriate implementation in Web Cursor.
  • CVE-2022-1139: Inappropriate implementation in Background Fetch API.
  • CVE-2022-1141: Use after free in File Manager.
  • CVE-2022-1142: Heap buffer overflow in WebUI.
  • CVE-2022-1143: Heap buffer overflow in WebUI.
  • CVE-2022-1144: Use after free in WebUI.
  • CVE-2022-1145: Use after free in Extensions.
  • CVE-2022-1146: Inappropriate implementation in Resource Timing.

With the report below, you can easily find which computers in your network do not have this latest Chrome version installed. Simply run the report to get a complete overview of your environment.

2022-03-31
- Updated report to fix issue with Chrome's extra version number

Run our Chrome 100 Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
Case
When Cast(ParseName(tblSoftware.softwareVersion, 4) As int) > 100 Then
'Up to date'
When Cast(ParseName(tblSoftware.softwareVersion, 4) As int) = 100 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As int) > 4896
Then 'Up to date'
When Cast(ParseName(tblSoftware.softwareVersion, 4) As int) = 100 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As int) = 4896
And Cast(ParseName(tblSoftware.softwareVersion, 1) As int) >= 60 Then
'Up to date'
Else 'Out of date'
End As [Patch Status],
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblSoftware.Lastchanged,
Case
When Cast(ParseName(tblSoftware.softwareVersion, 4) As int) > 100 Then
'#d4f4be'
When Cast(ParseName(tblSoftware.softwareVersion, 4) As int) = 100 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As int) > 4896
Then '#d4f4be'
When Cast(ParseName(tblSoftware.softwareVersion, 4) As int) = 100 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As int) = 4896
And Cast(ParseName(tblSoftware.softwareVersion, 1) As int) >= 60 Then
'#d4f4be'
Else '#ffadad'
End As backgroundcolor
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%Google Chrome%' And
tblSoftwareUni.SoftwarePublisher Like '%Google%' And tblState.Statename =
'Active'

Audit and Take Action in 3 Easy Steps

1. Download & Install Lansweeper

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit

Harness the Power of Reporting