New security updates for Chromium-based browsers

Frank Zieman

The latest update to Chrome 99.0.4844.74 from March 15 fixes 11 vulnerabilities in the Google browser and its open-source Chromium base. Among them is a vulnerability classified as critical (CVE-2022-0971). Several manufacturers of Chromium-based browsers have now followed suit with appropriate security updates. So far these have been Microsoft Edge, Brave and Vivaldi – Opera takes longer again this time.

The fastest were the Brave developers. Barely a day after Google’s Chrome update, they shipped Brave 1.36.116, but only for Windows and Linux. The deployment of Brave 1.36.117 for macOS took an extra day. Like the current Chrome version, both are based on Chromium 99.0.4844.74.

▶The latest security updates

On March 16, Vivaldi preferred – as it had done several times before – to continue using the older Chromium generation. Vivaldi 5.1.2567.66 contains Chromium 98.0.4758.136. However, this also includes the latest security updates.

Microsoft released its new Edge version 99.0.1150.46 based on Chromium 99.0.4844.74 on March 17th. In addition to the Chromium vulnerabilities, Microsoft has also eliminated an Edge-specific vulnerability ( CVE-2022-26899 ). Microsoft identifies them as high risk – an attacker could gain higher privileges. This vulnerability was once again discovered and reported by David Erceg.

Although the latest Opera version 84.0.4316.42 was also released on March 17, it is still based on Chromium 98.0.4758.189. This gives Opera a number of security gaps that have been patched in two Chrome updates in the meantime.

Google plans to release Chrome 100 on March 29, with Chrome 101 to follow on April 26.

Chromium-based browsers at a glance: