TTCSIRT-240.110119: TT-CSIRT ADVISORY – CHROME SECURITY UPDATES
Google has released Chrome version 78.0.3904.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities (CVE-2019-13720) is a zero day as it was detected in exploits in the wild. TTCSIRT encourages users and administrators to review the following release from Google and update to the latest version of Chrome on all devices forthwith. Issues addressed include the following high level vulnerabilities:
- CVE-2019-13721: Use-after-free in PDFium
- CVE-2019-13720: Use-after-free in audio
https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_31.html