Chrome & Brave Browser Updates

Topic

New Reply

This is intended to alert Windows users of updates using the STABLE desktop channel only. Check your respective browser update channels to update.

IMPORTANT
14/09/22 – Google Chrome 105.0.5195.127
Release Notes:
https://chromereleases.googleblog.com/

This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

RATED HIGH:
CVE-2022-3195: Out of bounds write in Storage.
CVE-2022-3196: Use after free in PDF.
CVE-2022-3197: Use after free in PDF.
CVE-2022-3198: Use after free in PDF.
CVE-2022-3199: Use after free in Frames.
CVE-2022-3200: Heap buffer overflow in Internals.
CVE-2022-3201: Insufficient validation of untrusted input in DevTools.

IMPORTANT
14/09/22 – Brave 1.43.93
Release Notes:
https://brave.com/latest/

Release Notes v1.43.93 (Sep 14th, 2022)

Restored gesture requirement for async clipboard write access.
Fixed crash on brave://settings which occurred due to brave://flags/#brave-sync-v2 being disabled.
Fixed crash on the New Tab Page which occurred due to brave://flags/#brave-news being disabled.
Fixed crash when the “options” dictionary is null in a Brave Wallet “SignAndSendTransaction” request to a Solana provider.
Fixed the “Learn more” link for unverified creators on the Brave Rewards panel not working.
Fixed blank panel on brave://welcome page which displayed in certain cases.
Upgraded Chromium to 105.0.5195.127.

No problem can be solved from the same level of consciousness that created IT- AE

2 users thanked author for this post.

Alex5723, Cybertooth

Reply | Quote

Replies

Windows Desktop Browser Updates

27th Sept 2022
Google Chrome Stable Update to 106.0.5249.62
Release notes:: https://chromereleases.googleblog.com/

Brave update to 1.44.101
Release Notes: https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

2 users thanked author for this post.

Cybertooth, Alex5723

Reply | Quote

Windows Desktop Browser Updates

Sept 30th 2022
Brave Update available to 1.44.105
Release Notes:
https://brave.com/latest/

Chrome Update available to 106.0.5249.91
Release Notes:
Ref: https://chromereleases.googleblog.com/

RATED HIGH:
CVE-2022-3370: Use after free in Custom Elements.
CVE-2022-3373: Out of bounds write in V8.

Security issues fixed applicable to both Chrome and Brave versions.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Windows Desktop Browser Updates

Wed 5th Oct 2022
Google Chrome Stable 106.0.5249.103 has been released.
More info:
https://chromereleases.googleblog.com/

Thurs 6th Oct 2022
Brave 1.44.108 also released.
https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome106.0.5249.119 stable released.
11th October 2022
Ref: https://chromereleases.googleblog.com/

RATED HIGH:
CVE-2022-3445: Use after free in Skia.
CVE-2022-3446: Heap buffer overflow in WebSQL.
CVE-2022-3447: Inappropriate implementation in Custom Tabs.
CVE-2022-3448: Use after free in Permissions API.
CVE-2022-3449: Use after free in Safe Browsing.
CVE-2022-3450: Use after free in Peer Connection.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

12th Oct 2022
Brave v1.44.112 Desktop Update
Release notes: https://brave.com/latest/

Updated Sardine purchase link to be set to selected network when opened from Buy screen on Brave Wallet. (#25839)

Removed deprecated Ethereum Testnet’s (Ropsten/Rinkeby/Kovan) and added support for Sepolia Testnet for Brave Wallet. (#25654)

Fixed issue with SignTransaction during NFT purchase on MagicEden when using Brave Wallet. (#25802)

Fixed crash when opening the New Tab Page in certain cases on Linux. (#25849)

Upgraded Chromium to 106.0.5249.119. (#25926) (Changelog for 106.0.5249.119)

This update covers the same CVE’s as Chrome 106.0.5249.119 released yesterday.

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Brave 1.45.113 released Oct 25th 2022

With further fixes, additions and updates included..
Ref Release Notes:
https://brave.com/latest/

Security related:

….[Security] Added additional password protection for Brave Wallet account removal. (#24711)
[Security] Added additional password protection for Brave Wallet backup seed. (#24534)
[Security] Added additional password protection for Brave Wallet show private key. (#24830)
[Security] Enhanced protection against Brave Wallet pollution attacks. (#24415)
[Security] Updated the Brave Wallet network selector to show the full network name. (#25114)
[Security] Updated Brave Wallet to show the full network name in tooltip for Buy/Send/Swap widget and panel. (#25107)
[Security] Updated the Brave Wallet transaction confirmation panel to show the full network name. (#25105)
[Security] Fixed misleading signing request message in Brave Wallet. (#24816)…..

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Chrome/107.0.5304.62 Stable Released
25th October 2022
Ref: https://chromereleases.googleblog.com/

RATED HIGH:
CVE-2022-3652: Type Confusion in V8.
CVE-2022-3653: Heap buffer overflow in Vulkan.
CVE-2022-3654: Use after free in Layout.

RATED MEDIUM:
CVE-2022-3655: Heap buffer overflow in Media Galleries.
CVE-2022-3656: Insufficient data validation in File System.
CVE-2022-3657: Use after free in Extensions.
CVE-2022-3658: Use after free in Feedback service on Chrome OS.
CVE-2022-3659: Use after free in Accessibility.
CVE-2022-3660: Inappropriate implementation in Full screen mode.

RATED LOW:
CVE-2022-3661: Insufficient data validation in Extensions.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 107.0.5304.87/ 88 Stable Desktop released
27th October 2022
ref: https://chromereleases.googleblog.com/

Security Fix:

RATED HIGH:
CVE-2022-3723: Type Confusion in V8.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave Browser Desktop Update

v1.45.116 Oct 28th, 2022

Release Notes:

Fixed tab hover preview not being shown correctly when “Card with preview” is selected for the “Tab hover mode” setting under brave://settings/appearance. (#26251)
Upgraded Chromium to 107.0.5304.91….

Ref: https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Brave 1.45.118 Released
2nd November 2022
https://brave.com/latest/

Release Notes v1.45.118 (Nov 2nd, 2022)

[Security] Fixed download crash which occurred in certain cases as reported on HackerOne by rebane2001. (#26384)

Fixed crash caused by Crypto.com widget on the New Tab Page. (#26412)

Fixed shields not blocking WebSocket connections when adding custom filter under brave://settings/shields/filters. (#26285)

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

8th November 2022
Chrome Update to 107.0.5304.107
https://chromereleases.googleblog.com/

RATED HIGH:
CVE-2022-3885: Use after free in V8.
CVE-2022-3886: Use after free in Speech Recognition.
CVE-2022-3887: Use after free in Web Workers.
CVE-2022-3888: Use after free in WebCodecs.
CVE-2022-3889: Type Confusion in V8.
CVE-2022-3890: Heap buffer overflow in Crashpad.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave 1.45.123 Released
9th November 2022
Release Notes: https://brave.com/latest/

Upgraded Chromium to 107.0.5304.110. (Changelog for 107.0.5304.110)

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Brave v1.45.127 Released
15th November 2022
https://brave.com/latest/

Release Notes v1.45.127 (Nov 15th, 2022)
Added Solana NFT support in Brave Wallet.

Updated default search engine to Brave Search for new installations in certain regions.

Removed FTX widget from the New Tab Page and widget gallery.

Fixed issue where Brave Rewards appears disabled in certain cases.

Internal bug fixes to the browser then…

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Brave 1.45.131 Released
22nd November 2022
https://brave.com/latest/

Added header for search.brave.com so Brave Search is aware when Brave Ads are enabled. (#25430)

Fixed issue where farbling protections for screen resolution and coordinates were incorrectly being applied to extension pages. (#26715)

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Chrome Update for another Zero-day!
24th November 2022

Chrome 107.0.5304.121/.122 for Windows and Chrome 107.0.5304.121 for mac/ Linux
Ref: https://chromereleases.googleblog.com/

RATED HIGH
CVE-2022-4135: Heap buffer overflow in GPU.

Patch ASAP!

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave 1.45.133 Released
25th November 2022
Ref: https://brave.com/latest/

Upgraded Chromium to 107.0.5304.141. (#26965) (Changelog for 107.0.5304.141)

Addresses exploited Zero-day, update ASAP!

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Chrome 108.0.5359.71/ 72 Released
29th November 2022
https://chromereleases.googleblog.com/

This update includes 28 security fixes…/

RATED HIGH:
CVE-2022-4174: Type Confusion in V8.
CVE-2022-4175: Use after free in Camera Capture.
CVE-2022-4176: Out of bounds write in Lacros Graphics.
CVE-2022-4177: Use after free in Extensions.
CVE-2022-4178: Use after free in Mojo.
CVE-2022-4179: Use after free in Audio.
CVE-2022-4180: Use after free in Mojo.
CVE-2022-4181: Use after free in Forms.

RATED MEDIUM:
CVE-2022-4182: Inappropriate implementation in Fenced Frames.
CVE-2022-4183: Insufficient policy enforcement in Popup Blocker.
CVE-2022-4184: Insufficient policy enforcement in Autofill.
CVE-2022-4185: Inappropriate implementation in Navigation.
CVE-2022-4186: Insufficient validation of untrusted input in Downloads.
CVE-2022-4187: Insufficient policy enforcement in DevTools.
CVE-2022-4188: Insufficient validation of untrusted input in CORS.
CVE-2022-4189: Insufficient policy enforcement in DevTools.
CVE-2022-4190: Insufficient data validation in Directory.
CVE-2022-4191: Use after free in Sign-In.
CVE-2022-4192: Use after free in Live Caption.
CVE-2022-4193: Insufficient policy enforcement in File System API.
CVE-2022-4194: Use after free in Accessibility.
CVE-2022-4195: Insufficient policy enforcement in Safe Browsing.

Brave 1.46.133 Released
1st December 2022
Ref: https://brave.com/latest/

Due to a much larger changelog, this has been reduced for security and fixes for a quick guide

….Security:
Disabled block element picker in Private Windows.
Enabled ENS L2 resolution for Brave Wallet.
Enabled HTTPS-Only mode for Private Windows with Tor.
Fixed broken “Add” button when adding a custom asset to Brave Wallet.
Fixed incorrect rendering of ERC20 “Approve” amount on Brave Wallet panel.
Fixed NFT images not loading in the Brave Wallet panel.
Fixed cursor position when editing Brave Wallet restore words.
Fixed the fiat currency selector not working on the “Fund” screen of Brave Wallet.
Fixed incorrect base currency being displayed on the Brave Wallet Market tab.
Fixed address validation not being called after switching Brave Wallet accounts.
Fixed broken “first” link for “Sign Transaction” in Brave Wallet panel.
Fixed incorrect placeholder text for password input field in Brave Wallet.
Fixed x-ipfs-path handling for redirecting URLs without a DNS record.
Fixed crash on https://d3ward.github.io/toolz/adblock when “RU Adlist” is enabled under brave://settings/shields/filters.
Fixed HTTPSE redirects taking precedence over adblock redirects.
Fixed incorrect button color on toolbar when certain themes are applied.
Fixed drag and drop indicator not disappearing from sidebar after drag and drop is complete.
Upgraded Chromium to 108.0.5359.71…

more listed additions/ removals and updates available on brave website.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

IMPORTANT! Update ASAP

Chrome 108.0.5359.94/95 Released
2nd December 2022
Ref: https://chromereleases.googleblog.com/

RATED HIGH
CVE-2022-4262: Type Confusion in V8.

Brave 1.46.134 Released
3rd December, 2022
https://brave.com/latest/

Upgraded to Chromium 108.0.5359.94
(Changelog for 108.0.5359.94)

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 108.0.5359.98/ 99 Released
7th December 2022
https://chromereleases.googleblog.com/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave/1.46.138 released
7th December 2022
https://brave.com/latest/

Fixed performance issue where fingerprint farbling caused some sites to load slowly or not at all. (#26700)

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Chrome/108.0.5359.124/ 125 update released
Tuesday13th December 2022
https://chromereleases.googleblog.com/

8 Security Fixes:

RATED HIGH
CVE-2022-4436: Use after free in Blink Media.
CVE-2022-4437: Use after free in Mojo IPC.
CVE-2022-4438: Use after free in Blink Frames.
CVE-2022-4439: Use after free in Aura.

RATED MEDIUM
Medium CVE-2022-4440: Use after free in Profiles.

Brave v1.46.144 released
Wednesday 14th December 2022
Ref: https://brave.com/latest/

Release Notes:

Updated Brave Wallet to sign Solana transactions with selected account instead of fee payer. (#27051)

Updated Brave Wallet to not use first available pubkey as the “To” address for Solana unknown instructions. (#27187)

Updated the “Learn more” link on the Windows 7 and 8.1 deprecation infobar. (#27176)

Disabled Manifest V2 deprecation warning message. (#26207)

Fixed crash when re-opening Brave News from the “Customize Dashboard” modal after following a source. (#26876)

Fixed issue where some websites failed to load when brave://flags#brave-block-screen-fingerprinting is enabled. (#27021)

Upgraded Chromium to 108.0.5359.128. (#27351) (Changelog for 108.0.5359.128)

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave 1.46.153 Released
Friday 6th Jan 2023
https://brave.com/latest/

AND they are a year out!

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 109.0.5414.74/75 released
Tuesday 10th January 2023
Ref: https://chromereleases.googleblog.com/

Security Fixes

RATED HIGH:
CVE-2023-0128: Use after free in Overview Mode.
CVE-2023-0129: Heap buffer overflow in Network Service.

RATED MEDIUM:
CVE-2023-0130: Inappropriate implementation in Fullscreen API.
CVE-2023-0131: Inappropriate implementation in iframe Sandbox.
CVE-2023-0132: Inappropriate implementation in Permission prompts.
CVE-2023-0133: Inappropriate implementation in Permission prompts.
CVE-2023-0134: Use after free in Cart.
CVE-2023-0135: Use after free in Cart.
CVE-2023-0136: Inappropriate implementation in Fullscreen API.
CVE-2023-0137: Heap buffer overflow in Platform Apps.

RATED LOW:
CVE-2023-0138: Heap buffer overflow in libphonenumber.
CVE-2023-0139: Insufficient validation of untrusted input in Downloads.
CVE-2023-0140: Inappropriate implementation in File System API.
CVE-2023-0141: Insufficient policy enforcement in CORS.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Cybertooth

Reply | Quote

Brave 1.47.171 Released
January 12th 2023
https://brave.com/latest/
See official site for extensive release notes…

Brave Security Fixes:

….[Security] Fixed Brave Wallet showing wrong network when signing DApp messages or transactions. (#26476)

[Security] Added mixed content check for “.onion” URLs as reported on HackerOne by xiaoyinl. (#25939)

[Security] Improved browser privacy by reducing high resolution timer precision as reported on HackerOne by joe12387. (#24681)

[Security] Fixed Brave Today opening non-HTTP or non-HTTPS URLs as reported on HackerOne by nishimunea. (#27602)…..

….Upgraded Chromium to 109.0.5414.87. (#27710)…

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 109.0.5414.119/ 120 released
24th January 2023
Ref: https://chromereleases.googleblog.com/

Security Fix abbreviated summary:

RATED HIGH:
CVE-2023-0471: Use after free in WebTransport.
CVE-2023-0472: Use after free in WebRTC.

RATED MEDIUM
CVE-2023-0473: Type Confusion in ServiceWorker API.
CVE-2023-0474: Use after free in GuestView.

Brave1.47.186 Released
25th January 2023
https://brave.com/latest/

Release Note Summary:

Added the ability to dismiss the end of support message on Windows 7 and 8.1
Fixed crash when viewing sync QR code in certain cases
Fixed crash in “DomainBlockNavigationThrottle”
Fixed some “$removeparam” filter rules not being applied to document request
Upgraded Chromium to 109.0.5414.119…

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

7th February 2023

Google Chrome Update 110.0.5481.77/.78
Release Notes:
https://chromereleases.googleblog.com/

Brave Update 1.48.158
Release Notes:
https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Wed 15th February 2023
Brave1.48.164
https://brave.com/latest/

Thu 16th February 2023
Google Chrome 110.0.5481.104
https://chromereleases.googleblog.com/

Both updated to Chromium 110.0.5481.100

Brave (Windows Only) v1.48.167
16th February, 2023
https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Chrome Update 110.0.5481.177/ 178
Wednesday 22nd February 2023
ref: https://chromereleases.googleblog.com/

Abbreviated Security Fixes:

RATED CRITICAL:
CVE-2023-0941: Use after free in Prompts.

RATED HIGH:
CVE-2023-0927: Use after free in Web Payments API.
CVE-2023-0928: Use after free in SwiftShader.
CVE-2023-0929: Use after free in Vulkan.
CVE-2023-0930: Heap buffer overflow in Video.
CVE-2023-0931: Use after free in Video.
CVE-2023-0932: Use after free in WebRTC.

RATED MEDIUM:
CVE-2023-0933: Integer overflow in PDF.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Thursday 24th February 2023
Brave v1.48.171 released
https://brave.com/latest/

[Security] Perform download safety check even when user is prompted for save location as reported on HackerOne by ameenbasha. (#28079)……/
/…Upgraded Chromium to 110.0.5481.177. (#28690) (Changelog for 110.0.5481.177)

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 111.0.5563.64/65 Released
7th March 2023
Ref: https://chromereleases.googleblog.com/

RATED HIGH:
CVE-2023-1213: Use after free in Swiftshader.
CVE-2023-1214: Type Confusion in V8.
CVE-2023-1215: Type Confusion in CSS.
CVE-2023-1216: Use after free in DevTools.
CVE-2023-1217: Stack buffer overflow in Crash reporting.
CVE-2023-1218: Use after free in WebRTC.
CVE-2023-1219: Heap buffer overflow in Metrics.
CVE-2023-1220: Heap buffer overflow in UMA.

RATED MEDIUM:
CVE-2023-1221: Insufficient policy enforcement in Extensions API.
CVE-2023-1222: Heap buffer overflow in Web Audio API
CVE-2023-1223: Insufficient policy enforcement in Autofill
CVE-2023-1224: Insufficient policy enforcement in Web Payments API
CVE-2023-1225: Insufficient policy enforcement in Navigation
CVE-2023-1226: Insufficient policy enforcement in Web Payments API
CVE-2023-1227: Use after free in Core.
CVE-2023-1228: Insufficient policy enforcement in Intents
CVE-2023-1229: Inappropriate implementation in Permission prompts
CVE-2023-1230: Inappropriate implementation in WebApp Installs
CVE-2023-1231: Inappropriate implementation in Autofill

RATED LOW:
CVE-2023-1232: Insufficient policy enforcement in Resource Timing.
CVE-2023-1233: Insufficient policy enforcement in Resource Timing.
CVE-2023-1234: Inappropriate implementation in Intents.
CVE-2023-1235: Type Confusion in DevTools.
CVE-2023-1236: Inappropriate implementation in Internals.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

9th March 2023
Brave 1.49.120 released
Security, Web3, Brave Rewards and General Updates
now based on Chromium 111.0.5563.64
https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 111.0.5563.110/ 111 Released
21st March 2023
Ref: https://chromereleases.googleblog.com/
Abbreviated fixes:

RATED HIGH:
CVE-2023-1528: Use after free in Passwords.
CVE-2023-1529: Out of bounds memory access in WebHID.
CVE-2023-1530: Use after free in PDF.
CVE-2023-1531: Use after free in ANGLE.
CVE-2023-1532: Out of bounds read in GPU Video.
CVE-2023-1533: Use after free in WebProtect.
CVE-2023-1534: Out of bounds read in ANGLE.

22nd March 2023
Brave 1.49.128 Released
Ref: https://brave.com/latest/
Various fixes and additions whilst upgraded Chromium to 111.0.5563.110

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

27th March 2023
Google Chrome 111.0.5563.146/.147 released
https://chromereleases.googleblog.com/

28th March 2023
Brave/1.49.132 released
https://brave.com/latest/

Web3
Fixed issue with multiple onboarding tabs opening up for Magic Eden. (#28546)

General
Disabled keyboard shortcut for “Copy clean link” on macOS by default. (#29303)
Upgraded Chromium to 111.0.5563.147. (#29341) (Changelog for 111.0.5563.147)

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 112.0.5615.49/50
4th April 2023
Ref: https://chromereleases.googleblog.com/

Abbreviated Security Fixes

RATED HIGH:
CVE-2023-1810: Heap buffer overflow in Visuals.
CVE-2023-1811: Use after free in Frames.

RATED MEDIUM:
CVE-2023-1812: Out of bounds memory access in DOM Bindings.
CVE-2023-1813: Inappropriate implementation in Extensions.
CVE-2023-1814: Insufficient validation of untrusted input in Safe Browsing.
CVE-2023-1815: Use after free in Networking APIs.
CVE-2023-1816: Incorrect security UI in Picture In Picture.
CVE-2023-1817: Insufficient policy enforcement in Intents.
CVE-2023-1818: Use after free in Vulkan.
CVE-2023-1819: Out of bounds read in Accessibility.
CVE-2023-1820: Heap buffer overflow in Browser History.

RATED LOW:
CVE-2023-1821: Inappropriate implementation in WebShare.
CVE-2023-1822: Incorrect security UI in Navigation.
CVE-2023-1823: Inappropriate implementation in FedCM.

April 5th 2023
Brave 1.50.114 Released
Ref: https://brave.com/latest/
(see site release notes)

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

12th April 2023
Stable Channel Update for Desktop
Google Chrome 112.0.5615.86/87 released
REF: https://chromereleases.googleblog.com/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

13th April 2023
Brave 1.50.118 Released
To view release notes:
https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

14th April 2023

URGENT!

Chrome112.0.5615.121 released
This one fixes the exploit for CVE 2023-2033 which exists in-the-wild!
Ref: https://chromereleases.googleblog.com/

Abbreviated info:

RATED HIGH:
CVE-2023-2033: Type Confusion in V8.
Google is aware that an exploit for CVE-2023-2033 exists in the wild…./
/..Various fixes from internal audits, fuzzing and other initiatives

URGENT!

Brave 1.50.119 Released
15th April 2023
Release notes available over on:
https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

URGENT: actively exloited Zero Day!

Chrome 112.0.5615.137/138 Released
18th April 2023
ref: https://chromereleases.googleblog.com

Abbreviated security updates:

RATED HIGH:
CVE-2023-2133: Out of bounds memory access in Service Worker API.
CVE-2023-2134: Out of bounds memory access in Service Worker API.
CVE-2023-2135: Use after free in DevTools.
CVE-2023-2136: Integer overflow in Skia.

RATED MEDIUM:
CVE-2023-2137: Heap buffer overflow in sqlite.

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

19th April 2023
Brave 1.50.121 Released
Release Notes: https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 113.0.5672.63/ 64 released
2nd May 2023
Ref: https://chromereleases.googleblog.com/

Abbreviated Security Fixes:

RATED MEDIUM:
CVE-2023-2459: Inappropriate implementation in Prompts.
CVE-2023-2460: Insufficient validation of untrusted input in Extensions.
CVE-2023-2461: Use after free in OS Inputs.
CVE-2023-2462: Inappropriate implementation in Prompts.
CVE-2023-2463: Inappropriate implementation in Full Screen Mode.
CVE-2023-2464: Inappropriate implementation in PictureInPicture.
CVE-2023-2465: Inappropriate implementation in CORS.

RATED LOW:
CVE-2023-2466: Inappropriate implementation in Prompts.
CVE-2023-2467: Inappropriate implementation in Prompts.
CVE-2023-2468: Inappropriate implementation in PictureInPicture.

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

3rd May 2023
Brave 1.51.110 Released
Changelog link:
https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave v1.51.114 Released
9th May, 2023
Ref: https://brave.com/latest/

Release Notes:

Web3
[Security] Fixed Brave Wallet binding issue as reported (#30204).

Upgraded Chromium to 113.0.5672.92…

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave v1.51.118 Released
17th May 2023
Ref: https://brave.com/latest/

Web3
Fixed NFT pinning status background and text color. (#30219)

General
Implemented per-device WebUSB serial farbling. (#30041)
Fixed saved passwords being removed from brave://settings/passwords and sync failure when restarting Brave on certain Linux distros. (#30147)
Upgraded Chromium to 113.0.5672.126

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Chrome 113.5672.126/ 127 released for Windows
May 16th, 2023
Ref: https://chromereleases.googleblog.com/

Abbreviated Security Fixes

RATED CRITICAL
CVE-2023-2721: Use after free in Navigation.

RATED HIGH:
CVE-2023-2722: Use after free in Autofill UI
CVE-2023-2723: Use after free in DevTools
CVE-2023-2724: Type Confusion in V8
CVE-2023-2725: Use after free in Guest View

RATED MEDIUM
CVE-2023-2726: Inappropriate implementation in WebApp Installs

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 114.0.5735.90/91 Released
Tuesday 30th May 2023
Ref: https://chromereleases.googleblog.com/

Abbreviatted Security Fixes:

RATED HIGH:
CVE-2023-2929: Out of bounds write in Swiftshader.
CVE-2023-2930: Use after free in Extensions.
CVE-2023-2931: Use after free in PDF.
CVE-2023-2932: Use after free in PDF.
CVE-2023-2933: Use after free in PDF.
CVE-2023-2934: Out of bounds memory access in Mojo.
CVE-2023-2935: Type Confusion in V8.
CVE-2023-2936: Type Confusion in V8.

RATED MEDIUM:
CVE-2023-2937 & CVE-2023-2938:Inappropriate implementation witin Picture In Picture.
CVE-2023-2939: Insufficient data validation in Installer.
CVE-2023-2940: Inappropriate implementation in Downloads.

RATED LOW:
CVE-2023-2941: Inappropriate implementation in Extensions API.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

31st May 2023
Brave 1.52.117 released
https://brave.com/latest/
See official release note link above for extensive fixes and updates in this version.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

2nd June 2023
Brave 1.52.119 Released (Windows Only)
REF: https://brave.com/latest/

Release Notes:

Fixed intermittent “Failed to write the VPN config” errors which could prevent users from using Brave VPN in certain cases on Windows.

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

June 5th 2023
Chrome 114.0.5735.110 released
Release notes:
https://chromereleases.googleblog.com/

June 6th 2023
Brave v1.52.122 released
based on chromium 114.0.5735.110
Release notes:
https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Chrome 114.0.5735.133/134 released
13th June 2023
Source: https://chromereleases.googleblog.com/
Security fixes abbreviated:

RATED CRITICAL:
CVE-2023-3214: Use after free in Autofill payments.

RATED HIGH:
CVE-2023-3215: Use after free in WebRTC.
CVE-2023-3216: Type Confusion in V8.
CVE-2023-3217: Use after free in WebXR.

Brave 1.52.126 due to be released soon..
14th June 2023
Ref: https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 114.0.5735.198/199 released
June 26th 2023
Ref: https://chromereleases.googleblog.com/
Abbreviated fixes:

RATED HIGH:
CVE-2023-3420: Type Confusion in V8.
CVE-2023-3421: Use after free in Media.
CVE-2023-3422: Use after free in Guest View.

Brave 1.52.129 released
28th June 2023
ref: https://brave.com/latest/

Upgraded Chromium to 114.0.5735.198..

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Brave 1.52.130 Released
7th July 2023
release notes: https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 115.0.5790.98/99 Stable released
18th July 2023
Release notes link:
https://chromereleases.googleblog.com/

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Brave v1.56.9 Released
19th July 2023

Changelog: https://brave.com/latest/
Quite a heavy changelog so, I’ll let the source link provide info

Note: Changes to release channels

Release Channel will go from 1.53.x to 1.56.x
Beta Channel will go from 1.54.x to 1.57.x
Nightly Channel will go from 1.55.x to 1.58.x

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 115.0.5790.102 released
20th July 2023
Official Announcement:
https://chromereleases.googleblog.com/

No problem can be solved from the same level of consciousness that created IT- AE

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Brave 1.56.11 released
21st July 2023
https://brave.com/latest/

Upgraded Chromium to 115.0.5790.102

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 115.0.5790.110 released
25th July 2023
Official announcement:
https://chromereleases.googleblog.com/

No problem can be solved from the same level of consciousness that created IT- AE

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

Brave v1.56.14 Released
26th July 2023
https://brave.com/latest/

Upgraded Chromium to 115.0.5790.114

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 115.0.5790.170/.171 released 2nd August 2023

Ref: https://chromereleases.googleblog.com/

HIGH
CVE-2023-4068: Type Confusion in V8.
CVE-2023-4069: Type Confusion in V8.
CVE-2023-4070: Type Confusion in V8
CVE-2023-4071: Heap buffer overflow in Visuals
CVE-2023-4072: Out of bounds read and write in WebGL
CVE-2023-4073: Out of bounds memory access in ANGLE.
CVE-2023-4074: Use after free in Blink Task Scheduling
CVE-2023-4075: Use after free in Cast
CVE-2023-4076: Use after free in WebRTC

MEDIUM
CVE-2023-4077: Insufficient data validation in Extensions
CVE-2023-4078: Inappropriate implementation in Extensions

Brave v1.56.20 released 3rd August 2023
Ref: https://brave.com/latest/

No problem can be solved from the same level of consciousness that created IT- AE

2 users thanked author for this post.

Just another Forum Poster, Alex5723

Reply | Quote

15th August 2023 Releases

Google Chrome 116.0.5845.96/ 97
https://chromereleases.googleblog.com/
26 Security fixes for this version:
Abbreviated list of fixes include:

HIGH
CVE-2023-2312: Use after free in Offline
CVE-2023-4349: Use after free in Device Trust Connectors.
CVE-2023-4350: Inappropriate implementation in Fullscreen.
CVE-2023-4351: Use after free in Network
CVE-2023-4352: Type Confusion in V8
CVE-2023-4353: Heap buffer overflow in ANGLE
CVE-2023-4354: Heap buffer overflow in Skia
CVE-2023-4355: Out of bounds memory access in V8
CVE-2023-4356: Use after free in Audio

MEDIUM
CVE-2023-4357: Insufficient validation of untrusted input in XML.
CVE-2023-4358: Use after free in DNS
CVE-2023-4359: Inappropriate implementation in App Launcher.
CVE-2023-4360: Inappropriate implementation in Color.
CVE-2023-4361: Inappropriate implementation in Autofill
CVE-2023-4362: Heap buffer overflow in Mojom IDL
CVE-2023-4363: Inappropriate implementation in WebShare.
CVE-2023-4364: Inappropriate implementation in Permission Prompts
CVE-2023-4365: Inappropriate implementation in Fullscreen.
CVE-2023-4366: Use after free in Extensions
CVE-2023-4367: Insufficient policy enforcement in Extensions API.
CVE-2023-4368: Insufficient policy enforcement in Extensions API.

Brave v1.57.47
https://brave.com/latest/
Fixes to Web3, Rewards and General functions whilst
bringing the browser in-line with Chromium 116.0.5845.96
See link for further details…

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Brave 1.57.49 released
17th August 2023
https://brave.com/latest/

Fixed startup crash on Windows* caused by adding a non-existent or empty custom filter list.

emphasis of OS affected*

No problem can be solved from the same level of consciousness that created IT- AE

Reply | Quote

Google Chrome 116.0.5845.110/111
22nd August 2023
REF: https://chromereleases.googleblog.com/

Five Security Fixes (abbreviated)

RATED HIGH:
CVE-2023-4430: Use after free in Vulkan.
CVE-2023-4429: Use after free in Loader.
CVE-2023-4428: Out of bounds memory access in CSS.
CVE-2023-4427: Out of bounds memory access in V8.

RATED MEDIUM:
CVE-2023-4431: Out of bounds memory access in Fonts.

Brave 1.57.53
August 23rd 2023
Ref: https://brave.com/latest/

Abbreviated fix list

Security:
Fixed browser crash as reported on HackerOne by 0xc4gr1
Fixed browser crash as reported on HackerOne by neeythann.

Functionality
Fixed missing “Open Guest profile” keyboard shortcut.
Fixed issue where Brave would not relaunch via the taskbar icon in certain cases on Windows.
Fixed issue where permission dialog wa.

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 116.0.5845.140/ 141
29th August 2023
Ref: https://chromereleases.googleblog.com/

Security Fixes (1):
RATED HIGH:
CVE-2023-4572: Use after free in MediaStream.

Brave 1.57.57
30th August 2023
ref: https://brave.com/latest/

See above link for more info..
Various general and two security issues fixed whilst elevating the browser baseline to Chromium 116.0.5845.163

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Google Chrome 116.0.5845.179/ 180
5th September 2023
Ref: https://chromereleases.googleblog.com/

(Abbreviated) Security Fixes:

RATED HIGH:
CVE-2023-4761: Out of bounds memory access in FedCM.
CVE-2023-4762: Type Confusion in V8
CVE-2023-4763: Use after free in Networks.
CVE-2023-4764: Incorrect security UI in BFCache.

Brave 1.57.62
6th September 2023
Ref: https://brave.com/latest/

Upgraded to Chromium 116.0.5845.180

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote

Update Chrome ASAP! Critical security issue exploited in the wild

Google released an emergency security update for its Chrome web browser that addresses a critical security issue that is exploited in the wild.

Chrome users are encouraged to update the stable version of the web browser to the new version immediately to protect the browser against potential attacks…

Chrome on Linux or Mac systems: 116.0.5845.187
Chrome on Windows devices: 116.0.5845.187 or 116.0.5845.188
Chrome Extended Stable for Mac: 116.0.5845.187
Chrome Extended Stable for Windows: 116.0.5845.188

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_11.html

[$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06..

Google Chrome Portable 116.0.5845.188

1 user thanked author for this post.

Microfix

Reply | Quote

Google Chrome Portable 117.0.5938.63 Stable

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html

Chrome 117.0.5938.62 (Linux and Mac), 117.0.5938.62/.63( Windows) contains a number of fixes and improvements — a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 117.

This update includes 16 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$NA][1479274] Critical CVE-2023-4863: Heap buffer overflow in WebP. Reported by Apple Security Engineering and Architecture (SEAR) and The Citizen Lab at The University of Torontoʼs Munk School on 2023-09-06

[$3000][1430867] Medium CVE-2023-4900: Inappropriate implementation in Custom Tabs. Reported by Levit Nudi from Kenya on 2023-04-06

[$3000][1459281] Medium CVE-2023-4901: Inappropriate implementation in Prompts. Reported by Kang Ali on 2023-06-29

[$2000][1454515] Medium CVE-2023-4902: Inappropriate implementation in Input. Reported by Axel Chong on 2023-06-14

[$1000][1446709] Medium CVE-2023-4903: Inappropriate implementation in Custom Mobile Tabs. Reported by Ahmed ElMasry on 2023-05-18

[$1000][1453501] Medium CVE-2023-4904: Insufficient policy enforcement in Downloads. Reported by Tudor Enache @tudorhacks on 2023-06-09

[$500][1441228] Medium CVE-2023-4905: Inappropriate implementation in Prompts. Reported by Hafiizh on 2023-04-29

[$6000][1449874] Low CVE-2023-4906: Insufficient policy enforcement in Autofill. Reported by Ahmed ElMasry on 2023-05-30

[$2000][1462104] Low CVE-2023-4907: Inappropriate implementation in Intents. Reported by Mohit Raj (shadow2639) on 2023-07-04

[$TBD][1451543] Low CVE-2023-4908: Inappropriate implementation in Picture in Picture. Reported by Axel Chong on 2023-06-06

[$TBD][1463293] Low CVE-2023-4909: Inappropriate implementation in Interstitials. Reported by Axel Chong on 2023-07-09..

1 user thanked author for this post.

Microfix

Reply | Quote

Chrome 117.0.5938.88 for Mac and Linux
117.0.5938.88/.89 for Windows

https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_15.html

1 user thanked author for this post.

Microfix

Reply | Quote

Google Chrome Portable 117.0.5938.89 Stable

Reply | Quote

Brave 1.58.127

*Upgraded Chromium to 117.0.5938.88. (#33052)

1 user thanked author for this post.

Microfix

Reply | Quote

Google Chrome 117.0.5938.132 (fix 0 day )

..This update includes 10 security fixes

Google is aware that an exploit for CVE-2023-5217 exists in the wild…

[$NA][1486441] High CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx. Reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-09-25

[$TBD][1478889] High CVE-2023-5186: Use after free in Passwords. Reported by [pwn2car] on 2023-09-05

[$2000][1475798] High CVE-2023-5187: Use after free in Extensions. Reported by Thomas Orlita on 2023-08-25..

1 user thanked author for this post.

Microfix

Reply | Quote

GoogleChromePortable64_117.0.5938.132

GoogleChromePortable_117.0.5938.132

Reply | Quote

Brave 1.58.135
August 28th 2023
Ref: https://brave.com/latest/

Added Argentina, France, and Germany content feed support for Brave News. (#33251 & #32416). Upgraded Chromium to 117.0.5938.140. (#33282)
Changelog for 117.0.5938.140

No problem can be solved from the same level of consciousness that created IT- AE

1 user thanked author for this post.

Alex5723

Reply | Quote