Chrome 99 Audit

Find Outdated Chrome Installations

Google released Chrome 99. In this release, Google fixed 28 security issues and added additional features. The new features include:

  • Convert adoptedStyleSheets to use ObservableArray
  • Allow infinity, -infinity and NaN in CSS calc()
  • CSS cascade layers
  • Unprefixed text-emphasis properties
  • New Canvas 2D API
  • Autofill in ShadowDOM
  • Remove font-family -webkit-standard
  • HTMLInputElement showPicker()
  • Replace GamepadList with sequence<Gamepad?> for navigator.getGamepads() return value
  • Handwriting Recognition API
  • Intl Enumeration API
  • Intl Locale Info in ECMA402
  • "audioworklet" destination for AudioWorklet
  • "paintworklet" destination for PaintWorklet

Details on all of these features can be found on the Chrome Status page. As always, Google takes its time with putting our a larger blog post covering the most important changes however, you can find a very brief summary on the Chrome release page.

Regarding security, Google fixed the following vulnerabilities disclosed by external researchers:

  • High CVE-2022-0789: Heap buffer overflow in ANGLE.
  • High CVE-2022-0790: Use after free in Cast UI.
  • High CVE-2022-0791: Use after free in Omnibox.
  • High CVE-2022-0792: Out of bounds read in ANGLE.
  • High CVE-2022-0793: Use after free in Views.
  • High CVE-2022-0794: Use after free in WebShare.
  • High CVE-2022-0795: Type Confusion in Blink Layout.
  • High CVE-2022-0796: Use after free in Media.
  • High CVE-2022-0797: Out of bounds memory access in Mojo.
  • Medium CVE-2022-0798: Use after free in MediaStream.
  • Medium CVE-2022-0799: Insufficient policy enforcement in Installer.
  • Medium CVE-2022-0800: Heap buffer overflow in Cast UI.
  • Medium CVE-2022-0801: Inappropriate implementation in HTML parser.
  • Medium CVE-2022-0802: Inappropriate implementation in Full screen mode.
  • Medium CVE-2022-0803: Inappropriate implementation in Permissions.
  • Medium CVE-2022-0804: Inappropriate implementation in Full screen mode.
  • Medium CVE-2022-0805: Use after free in Browser Switcher.
  • Medium CVE-2022-0806: Data leak in Canvas.
  • Medium CVE-2022-0807: Inappropriate implementation in Autofill.
  • Medium CVE-2022-0808: Use after free in Chrome OS Shell.
  • Medium CVE-2022-0809: Out of bounds memory access in WebXR.

With the report below, you can easily find which computers in your network do not have this latest Chrome version installed. Simply run the report to get a complete overview of your environment.

Run our Chrome 99 Query

Select Top 1000000 tblAssets.AssetID,
tblAssets.AssetName,
tblAssets.Domain,
tsysAssetTypes.AssetTypename As AssetType,
tblAssets.Username,
tblAssets.Userdomain,
tsysAssetTypes.AssetTypeIcon10 As icon,
tblAssets.IPAddress,
tblSoftwareUni.softwareName As Software,
tblSoftware.softwareVersion As Version,
tblSoftwareUni.SoftwarePublisher As Publisher,
Case
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) > 99 Then
'Up to date'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 99 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) > 4844
Then 'Up to date'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 99 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) = 4844
And Cast(SubString(tblSoftware.softwareVersion, 11, 4) As INT) >= 51 Then
'Up to date'
Else 'Out of date'
End As [Patch Status],
tsysIPLocations.IPLocation,
tblAssetCustom.Manufacturer,
tblAssetCustom.Model,
tsysOS.OSname As OS,
tblAssets.SP,
tblAssets.Lastseen,
tblAssets.Lasttried,
tblSoftware.Lastchanged,
Case
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) > 99 Then
'#d4f4be'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 99 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) > 4844
Then '#d4f4be'
When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 99 And
Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) = 4844
And Cast(SubString(tblSoftware.softwareVersion, 11, 4) As INT) >= 51 Then
'#d4f4be'
Else '#ffadad'
End As backgroundcolor
From tblAssets
Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
Inner Join tsysIPLocations On tsysIPLocations.LocationID =
tblAssets.LocationID
Inner Join tblState On tblState.State = tblAssetCustom.State
Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%Google Chrome%' And
tblSoftwareUni.SoftwarePublisher Like '%Google%' And tblState.Statename =
'Active'

Audit and Take Action in 3 Easy Steps

1. Download & Install Lansweeper

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit

Harness the Power of Reporting