TTCSIRT-240.110119: TT-CSIRT ADVISORY – CHROME SECURITY UPDATES

TTCSIRT-240.110119: TT-CSIRT ADVISORY – CHROME SECURITY UPDATES

Google has released Chrome version 78.0.3904.87 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system. One of these vulnerabilities (CVE-2019-13720) is a zero day as it was detected in exploits in the wild. TTCSIRT encourages users and administrators to review the following release from Google and update to the latest version of Chrome on all devices forthwith. Issues addressed include the following high level vulnerabilities:

  • CVE-2019-13721: Use-after-free in PDFium
  • CVE-2019-13720: Use-after-free in audio

https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_31.html