Google released Chrome 105 for Windows, Linux, and Mac. In this release, Google fixed 24 security issues and added additional features. The new features include:
As Chrome apps will no soon longer be supported on Windows, Mac, and Linux, in favor of Progressive Web Apps, Chrome 105 will show a warning message if you are force-installing any Chrome apps.
Further sandbox security mitigation is applied to renderer processes. They are placed inside an additional App Container on top of the existing sandbox.
Chrome 105 maintains its own default root store.
Web SQL deprecation in non-secure contexts.
Chrome sync ends support for Chrome 73 and earlier.
Policies on Mac distinguished between user and machine.
Add Set-Cookie as forbidden header name for Fetch.
Disabling Chrome Variations no longer disables the Chrome Cleanup Tool.
Internal certificate viewer for server certificates on Mac and Windows.
Privacy Sandbox updates on FLEDGE on Android.
WebAuthn: prompt users for Bluetooth permissions on macOS.
Syntax changes to markup based Client Hints delegation.
The “From the web feature” in the site info UI is now called “About this page” (Android)
Enhanced Safe Browsing Google accounts integration on desktop.
ForceBrowserSignIn policy requires EnableExperimentalPolicies on Linux.
Browser extension telemetry.
New and updated policies in Chrome browser.
More details on all of these features can be found on the Chrome Status page. As always, Google takes its time with putting out a larger blog post covering the most important changes however, you can find a very brief summary on the Chrome release page.
With the report below, you can easily find which computers in your network do not have this latest Chrome version installed. Simply run the report to get a complete overview of your environment.
Run our Chrome 105 Query
Severity
CVE
Description
Critical
CVE-2022-3038
Use after free in Network Service.
High
CVE-2022-3039
Use after free in WebSQL.
High
CVE-2022-3040
Use after free in Layout.
High
CVE-2022-3041
Use after free in WebSQL.
High
CVE-2022-3042
Use after free in PhoneHub.
High
CVE-2022-3043
Heap buffer overflow in Screen Capture.
High
CVE-2022-3044
Inappropriate implementation in Site Isolation.
High
CVE-2022-3045
Insufficient validation of untrusted input in V8.
High
CVE-2022-3046
Use after free in Browser Tag.
Medium
CVE-2022-3047
Insufficient policy enforcement in Extensions API.
Medium
CVE-2022-3048
Inappropriate implementation in Chrome OS lockscreen.
Medium
CVE-2022-3049
Use after free in SplitScreen.
Medium
CVE-2022-3050
Heap buffer overflow in WebUI.
Medium
CVE-2022-3051
Heap buffer overflow in Exosphere.
Medium
CVE-2022-3052
Heap buffer overflow in Window Manager.
Medium
CVE-2022-3053
Inappropriate implementation in Pointer Lock.
Medium
CVE-2022-3054
Insufficient policy enforcement in DevTools.
Medium
CVE-2022-3055
Use after free in Passwords.
Low
CVE-2022-3056
Insufficient policy enforcement in Content Security Policy.
Low
CVE-2022-3057
Inappropriate implementation in iframe Sandbox.
Low
CVE-2022-3058
Use after free in Sign-In Flow.
Google Chrome 105 CVE Codes
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
tblAssets.IPAddress,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
Coalesce(tsysOS.OSname, tblSccmAsset.OsCaption,
tblSccmAsset.OperatingSystemNameandVersion) As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen As [Last successful scan],
tblAssets.Lasttried As [Last scan attempt]
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Outer Join tsysOS On tsysOS.OScode = tblAssets.OScode
Left Outer Join tblSccmAsset On tblAssets.AssetID = tblSccmAsset.AssetId
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblSoftwareUni.softwareName Like '%Google Chrome%' And
tblSoftwareUni.SoftwarePublisher Like '%Google%' And tblState.Statename =
'Active' And ((Cast(ParseName(tblSoftware.softwareVersion, 4) As int) < 105)
Or (Cast(ParseName(tblSoftware.softwareVersion, 4) As int) = 105 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As int) < 5195) Or
(Cast(ParseName(tblSoftware.softwareVersion, 4) As int) = 105 And
Cast(ParseName(tblSoftware.softwareVersion, 2) As int) = 5195 And
Cast(ParseName(tblSoftware.softwareVersion, 1) As int) < 52))
Union
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tblSoftwareUni.softwareName As Software,
tblMacApplications.Version As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblMacOSInfo.SystemVersion As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen As [Last successful scan],
tblAssets.Lasttried As [Last scan attempt]
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblMacApplications On
tblAssets.AssetID = tblMacApplications.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblMacApplications.softid
Inner Join tblMacOSInfo On tblMacOSInfo.AssetID = tblAssets.AssetID
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where tblSoftwareUni.softwareName Like '%Google Chrome%' And
tblState.Statename = 'Active' And ((Cast(ParseName(tblMacApplications.Version,
4) As int) < 105) Or (Cast(ParseName(tblMacApplications.Version,
4) As int) = 105 And Cast(ParseName(tblMacApplications.Version,
2) As int) < 5195) Or (Cast(ParseName(tblMacApplications.Version,
4) As int) = 105 And Cast(ParseName(tblMacApplications.Version,
2) As int) = 5195 And Cast(ParseName(tblMacApplications.Version,
1) As int) < 52))
Union
Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblLinuxUser.UserName,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
subquery1.Software,
subquery1.Version,
subquery1.Publisher,
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tblLinuxSystem.OSRelease As OS,
tblAssets.Version As OSVersion,
Case
When tblErrors.ErrorText Is Not Null Or
tblErrors.ErrorText != '' Then
'Scanning Error: ' + tsysasseterrortypes.ErrorMsg
Else ''
End As ScanningErrors,
tblAssets.Lastseen As [Last successful scan],
tblAssets.Lasttried As [Last scan attempt]
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Inner Join tblLinuxUser On tblAssets.AssetID = tblLinuxUser.AssetID
Inner Join tblLinuxUserLogon On tblLinuxUserLogon.Id = tblLinuxUser.id
Inner Join (Select tblLinuxUser.AssetId,
Max(tblLinuxUserLogon.LogonTime) As MaxLogontime
From tblLinuxUser
Inner Join tblLinuxUserLogon On tblLinuxUserLogon.Id = tblLinuxUser.id
Group By tblLinuxUser.assetid) As subquery2 On subquery2.MaxLogontime =
tblLinuxUserLogon.LogonTime
Inner Join (Select tblSoftwareUni.softwareName As Software,
tblSoftwareUni.SoftwarePublisher As Publisher,
tblLinuxSoftware.LastChanged,
tblLinuxSoftware.assetid,
Case
When tblLinuxSoftware.Version Like '%-%' Then
Left(tblLinuxSoftware.Version, CharIndex('-',
tblLinuxSoftware.Version) - 1)
Else tblLinuxSoftware.Version
End As Version
From tblLinuxSoftware
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID =
tblLinuxSoftware.SoftwareUniID) As subquery1 On subquery1.assetid =
tblAssets.assetid
Left Join (Select Distinct Top 1000000 tblErrors.AssetID As ID,
Max(tblErrors.Teller) As ErrorID
From tblErrors
Group By tblErrors.AssetID) As ScanningError On tblAssets.AssetID =
ScanningError.ID
Left Join tblErrors On ScanningError.ErrorID = tblErrors.Teller
Left Join tsysasseterrortypes On tsysasseterrortypes.Errortype =
tblErrors.ErrorType
Where subquery1.Software = 'google-chrome-stable' And tblState.Statename =
'Active' And ((Cast(ParseName(subquery1.Version, 4) As int) < 105) Or
(Cast(ParseName(subquery1.Version, 4) As int) = 105 And
Cast(ParseName(subquery1.Version, 2) As int) < 5195) Or
(Cast(ParseName(subquery1.Version, 4) As int) = 105 And
Cast(ParseName(subquery1.Version, 2) As int) = 5195 And
Cast(ParseName(subquery1.Version, 1) As int) < 52))
Order By Domain,
AssetName,
Software
