Does anyone have any insight as to how the Rapid7 agent or scanner detects the version of Google Chrome that is installed on a system? We have systems where, when I open Chrome, it shows as having version 91.0.4472.77 installed, but Rapid7 is reporting the system as having 68.94.77 installed. I’ve checked the entire machine and I’m not finding any other versions of the Chrome executable. I was able to find some old registry entries that showed the older version, but I would think Rapid7 would have their plugins actually look for the Chrome version by checking the version of the executable installed as opposed to scanning the registry.
Any ideas on where Rapid7 is looking to get the version information for Chrome? This detection is causing us to show thousands of vulnerabilities that don’t actually exist in our environment.