Chrome 105 Audit

Find Outdated Chrome Installations

Google released Chrome 105 for Windows, Linux, and Mac. In this release, Google fixed 24 security issues and added additional features. The new features include:

  • As Chrome apps will no soon longer be supported on Windows, Mac, and Linux, in favor of Progressive Web Apps, Chrome 105 will show a warning message if you are force-installing any Chrome apps.
  • Further sandbox security mitigation is applied to renderer processes. They are placed inside an additional App Container on top of the existing sandbox.
  • Chrome 105 maintains its own default root store.
  • Web SQL deprecation in non-secure contexts.
  • Chrome sync ends support for Chrome 73 and earlier.
  • Policies on Mac distinguished between user and machine.
  • Add Set-Cookie as forbidden header name for Fetch.
  • Disabling Chrome Variations no longer disables the Chrome Cleanup Tool.
  • Internal certificate viewer for server certificates on Mac and Windows.
  • Privacy Sandbox updates on FLEDGE on Android.
  • WebAuthn: prompt users for Bluetooth permissions on macOS.
  • Syntax changes to markup based Client Hints delegation.
  • The "From the web feature" in the site info UI is now called "About this page" (Android)
  • Enhanced Safe Browsing Google accounts integration on desktop.
  • ForceBrowserSignIn policy requires EnableExperimentalPolicies on Linux.
  • Browser extension telemetry.
  • New and updated policies in Chrome browser.

More details on all of these features can be found on the Chrome Status page. As always, Google takes its time with putting out a larger blog post covering the most important changes however, you can find a very brief summary on the Chrome release page.

With the report below, you can easily find which computers in your network do not have this latest Chrome version installed. Simply run the report to get a complete overview of your environment.

Run our Chrome 105 Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
Coalesce(tsysOS.OSname, tblSccmAsset.OsCaption,
tblSccmAsset.OperatingSystemNameandVersion) As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen As [Last successful scan],
tblAssets.Lasttried As [Last scan attempt]
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Outer Join tsysOS On tsysOS.OScode = tblAssets.OScode
Left Outer Join tblSccmAsset On tblAssets.AssetID = tblSccmAsset.AssetId
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblSoftwareUni.softwareName Like '%Google Chrome%' And
tblSoftwareUni.SoftwarePublisher Like '%Google%' And tblState.Statename =
'Active' And ((Cast(ParseName(tblSoftware.softwareVersion, 4) As int) < 105)
Or (Cast(ParseName(tblSoftware.softwareVersion, 4) As int) = 105 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As int) < 5195) Or
(Cast(ParseName(tblSoftware.softwareVersion, 4) As int) = 105 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As int) = 5195 And
Cast(ParseName(tblSoftware.softwareVersion, 1) As int) < 52))
Union
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tblSoftwareUni.softwareName As Software,
tblMacApplications.Version As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblMacOSInfo.SystemVersion As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen As [Last successful scan],
tblAssets.Lasttried As [Last scan attempt]
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblMacApplications On
tblAssets.AssetID = tblMacApplications.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblMacApplications.softid
Inner Join tblMacOSInfo On tblMacOSInfo.AssetID = tblAssets.AssetID
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblSoftwareUni.softwareName Like '%Google Chrome%' And
tblState.Statename = 'Active' And ((Cast(ParseName(tblMacApplications.Version,
4) As int) < 105) Or (Cast(ParseName(tblMacApplications.Version,
4) As int) = 105 And Cast(ParseName(tblMacApplications.Version,
2) As int) < 5195) Or (Cast(ParseName(tblMacApplications.Version,
4) As int) = 105 And Cast(ParseName(tblMacApplications.Version,
2) As int) = 5195 And Cast(ParseName(tblMacApplications.Version,
1) As int) < 52))
Union
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblLinuxUser.UserName,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
subquery1.Software,
subquery1.Version,
subquery1.Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblLinuxSystem.OSRelease As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen As [Last successful scan],
tblAssets.Lasttried As [Last scan attempt]
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Inner Join tblLinuxUser On tblAssets.AssetID = tblLinuxUser.AssetID
Inner Join tblLinuxUserLogon On tblLinuxUserLogon.Id = tblLinuxUser.id
Inner Join (Select tblLinuxUser.AssetId,
Max(tblLinuxUserLogon.LogonTime) As MaxLogontime
From tblLinuxUser
Inner Join tblLinuxUserLogon On tblLinuxUserLogon.Id = tblLinuxUser.id
Group By tblLinuxUser.assetid) As subquery2 On subquery2.MaxLogontime =
tblLinuxUserLogon.LogonTime
Inner Join (Select tblSoftwareUni.softwareName As Software,
tblSoftwareUni.SoftwarePublisher As Publisher,
tblLinuxSoftware.LastChanged,
tblLinuxSoftware.assetid,
Case
When tblLinuxSoftware.Version Like '%-%' Then
Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 1)
Else tblLinuxSoftware.Version
End As Version
From tblLinuxSoftware
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID =
tblLinuxSoftware.SoftwareUniID) As subquery1 On subquery1.assetid =
tblAssets.assetid
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where subquery1.Software = 'google-chrome-stable' And tblState.Statename =
'Active' And ((Cast(ParseName(subquery1.Version, 4) As int) < 105) Or
(Cast(ParseName(subquery1.Version, 4) As int) = 105 And
Cast(ParseName(subquery1.Version, 2) As int) < 5195) Or
(Cast(ParseName(subquery1.Version, 4) As int) = 105 And
Cast(ParseName(subquery1.Version, 2) As int) = 5195 And
Cast(ParseName(subquery1.Version, 1) As int) < 52))
Order By Domain,
AssetName,
Software

Google Chrome 105 CVE Codes

SeverityCVEDescription
CriticalCVE-2022-3038Use after free in Network Service.
HighCVE-2022-3039Use after free in WebSQL.
HighCVE-2022-3040Use after free in Layout.
HighCVE-2022-3041Use after free in WebSQL.
HighCVE-2022-3042Use after free in PhoneHub.
HighCVE-2022-3043Heap buffer overflow in Screen Capture.
HighCVE-2022-3044Inappropriate implementation in Site Isolation.
HighCVE-2022-3045Insufficient validation of untrusted input in V8.
HighCVE-2022-3046Use after free in Browser Tag.
MediumCVE-2022-3047Insufficient policy enforcement in Extensions API.
MediumCVE-2022-3048Inappropriate implementation in Chrome OS lockscreen.
MediumCVE-2022-3049Use after free in SplitScreen.
MediumCVE-2022-3050Heap buffer overflow in WebUI.
MediumCVE-2022-3051Heap buffer overflow in Exosphere.
MediumCVE-2022-3052Heap buffer overflow in Window Manager.
MediumCVE-2022-3053Inappropriate implementation in Pointer Lock.
MediumCVE-2022-3054Insufficient policy enforcement in DevTools.
MediumCVE-2022-3055Use after free in Passwords.
LowCVE-2022-3056Insufficient policy enforcement in Content Security Policy.
LowCVE-2022-3057Inappropriate implementation in iframe Sandbox.
LowCVE-2022-3058 Use after free in Sign-In Flow.

 

Audit and Take Action in 3 Easy Steps

Download-Install-Lansweeper

1. Download & Install Lansweeper

Save-and-Run-the-Report

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit