TTCSIRT-234.101419: TT-CSIRT ADVISORY – CHROME SECURITY UPDATES
Google has released Chrome version 77.0.3865.120 for Windows, Mac, and Linux. This new version addresses vulnerabilities that an attacker could exploit to take control of an affected system. TTCSIRT encourages users and administrators to review the following blog post from Google and update to the latest version of Chrome on all devices. Issues addressed include the following high level vulnerabilities:
- CVE-2019-13693: Use-after-free in IndexedDB.
- CVE-2019-13694: Use-after-free in WebRTC.
- CVE-2019-13695: Use-after-free in audio.
- CVE-2019-13696: Use-after-free in V8.
- CVE-2019-13697: Cross-origin size leak