Multiple Vulnerabilities in Google Chrome Desktop

  • CERT Admin
  • Fri Nov 20 2020
  • Alerts

Systems Affected 

  ✻  Google Chrome versions prior to 87.0.4280.66 (Windows & Linux)
  ✻  Google Chrome versions prior to 87.0.4280.67 (Mac) 

Threat Level 

Medium 

Overview 

Multiple vulnerabilities have been identified in the Google Chrome desktop version which could allow an attacker to execute arbitrary codes, bypass security restrictions, disclose sensitive information, or conduct spoofing attacks. 

Description 

Vulnerabilities existed in Google Chrome due to the heap buffer overflow in the clipboard, UI, and WebRTC, inappropriate implementation of cookies, etc. An attacker could exploit these vulnerabilities just by persuading a victim to visit a maliciously crafted website. 

Impact 

  ✻  Exposing sensitive information to unauthorized parties
  ✻  Unauthorized access
  ✻  Malware infections 

Solution/ Workarounds

  ✻  Upgrade to the Google Chrome version 87.0.4280.66 (For Windows and Linux) or 87.0.4280.67 (For Mac)

References 

  ✻  https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_17.html?m=1 

Disclaimer  

The information provided herein is on "as is" basis, without warranty of any kind. 

 

Last updated: Fri Nov 20 2020