Chrome 101.0.4951.41 for Windows, Mac, and Linux contains several fixes for severe security flaws. Google paid out a total of $29,000 for four of the top six more critical vulnerabilities. Chrome devs discovered the other two in-house. These bugs include the following.

CVE-2022-1477: Use after free in Vulkan. CVE-2022-1478: Use after free in SwiftShader. CVE-2022-1479: Use after free in ANGLE. CVE-2022-1481: Use after free in Sharing. CVE-2022-1482: Inappropriate implementation in WebGL. CVE-2022-1483: Heap buffer overflow in WebGPU.

Google did not release details on these vulnerabilities. The company said it wanted to wait until the majority of users have updated their browsers before publishing precisely what these flaws are and how attackers could exploit them. It is also holding back any information on bugs that exist in third-party libraries until developers have a chance to patch them. Google labeled the remaining 23 fixes as mostly medium threats, with four designated low. You can view them on the Chrome 101 release notes. Chrome 101 is the second major release in a row that Google has urgently encouraged users to migrate to because of security issues. In March, Google advised users to update from Chrome 99 to Chrome 100 because of a zero-day vulnerability relating to the browser’s JavaScript engine that allowed unauthorized code execution. Version 100 also presented websites with a problem that might have rendered them unable to read the user agents since many wear gear for two-digit browser numbers. Web developers have mostly updated their sites to accommodate the newest browser iterations. Users can update manually from Chrome settings or perform a fresh install from our mirror. Alternatively, people can wait, and the browser will update automatically in a few days.