Business

News

 
More...

Alerts

 
More...

Events

 
More...
 
     
 

Multiple Vulnerabilities in Google Chrome

 

Systems Affected


Google Chrome versions prior to 88.0.4324.182 for Windows, Mac, and Linux

Threat Level


Medium


Overview


Multiple vulnerabilities have been identified in the Google Chrome web browser which could allow an attacker to run arbitrary codes and gain total control of the targeted system.


Description


These vulnerabilities exist in Google Chrome due to stack overflow in data transfer and GPU process components, use after free in downloads, payments, and web sockets components, and heap buffer overflow in media, tap strip, and V8 components. An attacker could exploit these vulnerabilities by persuading a user to visit a specially crafted website.


Impact


  ✻  Exposing sensitive information to unauthorized parties
  ✻  Unauthorized access
  ✻  Execute of unwanted/malicious programs/codes
  ✻  Malware infections


Solution/ Workarounds


  ✻  Update to Google Chrome version 88.0.4324.182


References


  ✻  https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html
  ✻  https://www.cert-in.org.in/
  ✻  https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitrary-code-execution_2021-026/


Disclaimer


The information provided herein is on "as is" basis, without warranty of any kind.


 
     

© Copyright Sri Lanka CERT|CC. All Rights Reserved.