Chrome 94 0-day Vulnerability Audit

Find Outdated Chrome Installations

Google released Chrome 94.0.4606.71 in response to two actively exploited vulnerabilities. Listed as CVE-2021-37975 and CVE-2021-37976, Google notes that it is "aware the exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild".

CVE-2021-37975 is a use-after-free flaw in V8 JavaScript and WebAssembly engine while CVE-2021-37976 is an information leak in the core. Google isn't sharing any additional information at this time to prevent further exploitation. This patch only comes a week after Google released another critical patch on September 24 which fixed 11 vulnerabilities. All of these vulnerabilities fixed in such a short period of time means that it is important to check if your chrome installations are up to date.

With the report below, you can easily find which computers in your network do not have this latest Chrome version installed. Simply run the report to get a complete overview of your environment.

 

Run our Chrome 94 Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
Case
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) > 94 Then
'Up to date'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 94 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) > 4606
Then 'Up to date'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 94 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) = 4606
And Cast(SubString(tblSoftware.softwareVersion, 11, 4) As INT) >= 71 Then
'Up to date'
Else 'Out of date'
End As [Patch Status],
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblSoftware.Lastchanged,
Case
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) > 94 Then
'#d4f4be'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 94 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) > 4606
Then '#d4f4be'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 94 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) = 4606
And Cast(SubString(tblSoftware.softwareVersion, 11, 4) As INT) >= 71 Then
'#d4f4be'
Else '#ffadad'
End As backgroundcolor
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%Google Chrome%' And
tblSoftwareUni.SoftwarePublisher Like '%Google%' And tblState.Statename =
'Active'

Audit and Take Action in 3 Easy Steps

1. Download & Install Lansweeper

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit