TTCSIRT-226.092019: TT-CSIRT Advisory – Chrome Security Updates
Google has released a security update stating that it has discovered the following vulnerabilities in Google Chrome:
a) Use-after-free in UI – CVE-2019-13685.
b) Use-after-free in media – CVE-2019-13688.
These vulnerabilities can be exploited if a user visits or is redirected to a specially crafted web page.
Exploitation could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights.
| Further information on these vulnerabilities and how they can be mitigated can be found on the Google Chrome Website at https://chromereleases.googleblog.com/2019/09/stable-channel-update-for-desktop_18.html |