- Mar 13, 2022
Like all major applications, Google’s Chrome suffers from vulnerabilities. During 2022, SecurityWeek reported on 456 vulnerabilities (averaging 38 per month), including nine zero-days. The high number of flaws needing to be patched poses a simple question: is Chrome safe to use?
This high rate of vulnerability disclosures and patches has continued into 2023. Chrome 109 patched 17 and six vulnerabilities in January. Chrome 110 patched 15vulnerabilities in February; version 111 patched 40 and 8 in March; and version 112 patched 16 in April. April also saw a patch for the second zero-day vulnerability of 2023. Chrome 113 patched 15 vulnerabilities in May, followed by a further 12vulnerabilities. June started with the third of 2023’s zero-day patches, in Chrome 114, and this was followed by a further 5 patches.
The list is so long it almost becomes boringly repetitive – but it will undoubtedly continue growing through the rest of the year and beyond. The questions raised, however, are not boring. Why are there so many vulnerabilities? Is Chrome realistically safe to use? Can Google do anything to make the product safer? Can users do anything to increase their safety? SecurityWeek talked to Tal Zamir, the CTO at Tel Aviv, Israel-based Perception Point (a detection and response vendor covering major threat surfaces including browsers).
The high number of vulnerabilities needing to be patched in Chrome poses a simple question: is the popular web browser from Google safe?