TTCSIRT-190.122718: TT-CSIRT Advisory – Chrome Security Updates
Google has released a security update stating that an use-after-free issue in PDFium could allow for arbitrary code execution (CVE-2018-17481).
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code through the browser and depending on the privileges associated with the application, an attacker could install programs view, change, delete data or create new accounts with full user rights.
| Further information on this vulnerability and how it can be mitigated can be found on the Google Website at https://chromereleases.googleblog.com/2018/12/stable-channel-update-for-desktop_12.html |