Multiple Vulnerabilities in Google Chrome

  • CERT Admin
  • Fri Feb 26 2021
  • Alerts

Systems Affected

Google Chrome versions prior to 88.0.4324.182 for Windows, Mac, and Linux


Threat Level

Medium


Overview 

Multiple vulnerabilities have been identified in the Google Chrome web browser which could allow an attacker to run arbitrary codes and gain total control of the targeted system.  


Description 

These vulnerabilities exist in Google Chrome due to stack overflow in data transfer and GPU process components, use after free in downloads, payments, and web sockets components, and heap buffer overflow in media, tap strip, and V8 components. An attacker could exploit these vulnerabilities by persuading a user to visit a specially crafted website.  


Impact

✻  Exposing sensitive information to unauthorized parties
✻  Unauthorized access
✻  Execute of unwanted/malicious programs/codes
✻  Malware infections
 

Solution/ Workarounds

✻  Update to Google Chrome version 88.0.4324.182
 

References

✻  https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html
✻  https://www.cert-in.org.in/
✻  https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitrary-code-execution_2021-026/
 

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.



Last updated: Fri Feb 26 2021