Chrome 89 0-day Vulnerability Report

Discover Chrome 89 0-Day Vulnerabilities

Google released Chrome 89.0.4389.72 with 47 security fixes. The biggest flaw (CVE-2021-21166) with high-severity is found within the Audio component of Chrome. Google stated that "it will roll out updates during the coming weeks."

The current security flaw (CVE-2021-21166) is actively exploited in the wild. Google said that this flaw comes from an Object Lifecycle issue: this is the duration in which programming language is valid for use. Due to the large numbers of people who haven't got the fix yet, there are no further details available.

chrome-89-vulnerability-report
Chrome 89 Audit - Sample Report

Other High-Severity flaws Fixed within Google Chrome 89

CVE Code

CVE Vulnerability Type

CVE-2021-21159

Heap buffer overflow in TabStrip

CVE-2021-21160

Heap buffer overflow in WebAudio

CVE-2021-21161

Heap buffer overflow in TabStrip

CVE-2021-21162

Use after free in WebRTC

CVE-2021-21163

Insufficient data validation in Reader Mode

CVE-2021-21164

Insufficient data validation in Chrome for iOS

CVE-2021-21165

Object lifecycle issue in Chrome Audio

CVE-2021-21166

Object lifecycle issue in Chrome Audio

 

 

Run our Chrome 89 report query to find all outdated Google Chrome installations

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
Case
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) > 89 Then
'Up to date'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 89 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) > 4389
Then 'Up to date'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 89 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) = 4389
And Cast(SubString(tblSoftware.softwareVersion, 11, 4) As INT) >= 72 Then
'Up to date'
Else 'Out of date'
End As [Patch Status],
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblSoftware.Lastchanged,
Case
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) > 89 Then
'#d4f4be'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 89 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) > 4389
Then '#d4f4be'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 89 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) = 4389
And Cast(SubString(tblSoftware.softwareVersion, 11, 4) As INT) >= 72 Then
'#d4f4be'
Else '#ffadad'
End As backgroundcolor
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%Google Chrome%' And
tblSoftwareUni.SoftwarePublisher Like '%Google%' And tblState.Statename =
'Active'

Audit and Take Action in 3 Easy Steps

1. Download & Install Lansweeper

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit