Chrome 95 Zero-day Audit

Find Outdated Chrome Installations

Google released Chrome 95.0.4638.69 in response to two actively exploited zero-day vulnerabilities the company mentioned in their patch notes: "Google is aware that exploits for CVE-2021-38000 and CVE-2021-38003 exist in the wild".

  • CVE-2021-38000: Insufficient validation of untrusted input in Intents.
  • CVE-2021-38003: Inappropriate implementation in V8.

Google hasn't provided details on how exploitation is taking place, likely to prevent it from occurring more frequently. Aside from the two exploited vulnerabilities, an additional 5 vulnerabilities have been fixed.

  • CVE-2021-38002: Use after free in Web Transport.
  • CVE-2021-38001: Type Confusion in V8.
  • CVE-2021-37999: Insufficient data validation in New Tab Page.
  • CVE-2021-37998: Use after free in Garbage Collection.
  • CVE-2021-37997: Use after free in Sign-In.

With the report below, you can easily find which computers in your network do not have this latest Chrome version installed. Simply run the report to get a complete overview of your environment.

 

Run our Chrome 95.0.4638.69 Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
Case
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) > 95 Then
'Up to date'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 95 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) > 4638
Then 'Up to date'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 95 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) = 4638
And Cast(SubString(tblSoftware.softwareVersion, 11, 4) As INT) >= 69 Then
'Up to date'
Else 'Out of date'
End As [Patch Status],
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblSoftware.Lastchanged,
Case
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) > 95 Then
'#d4f4be'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 95 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) > 4638
Then '#d4f4be'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 95 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) = 4638
And Cast(SubString(tblSoftware.softwareVersion, 11, 4) As INT) >= 69 Then
'#d4f4be'
Else '#ffadad'
End As backgroundcolor
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%Google Chrome%' And
tblSoftwareUni.SoftwarePublisher Like '%Google%' And tblState.Statename =
'Active'

Audit and Take Action in 3 Easy Steps

1. Download & Install Lansweeper

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit