2 actively exploited zero-days in Chrome fixed along with updates for Edge for Chromium

2 actively exploited zero-days in Chrome fixed along with updates for Edge for Chromium

Hello everyone, 

Google has recently patched 2 actively exploited zero-day vulnerabilities in Chrome, making this the fourth and fifth actively exploited vulnerability addressed in the past week. The details of the vulnerabilities are as follows:

 CVE ID
 Vulnerability 
 Impact
 CVE-2020-16013
 [Chrome] Inappropriate   implementation of V8 JavaScript
 Remote code execution
 CVE-2020-16017
 [Chrome] Use-after-free memory corruption issue in   Chrome's site isolation feature
 Memory corruption
 CVE-2020-16016
 [Edge for Chromium] Inappropriate implementation in   base
 High severity

Chrome has updated it stable channel to 86.0.4240.198 for Windows, Mac & Linux. along with this, there are updates released for Edge for Chromium as well. To deploy these updates, initiate a sync between the Central Patch Repository and the Vulnerability Manager Plus server. Once synced, search for the following Patch IDs or Bulletin ID and deploy them to your target computers

 Patch ID
 Bulletin ID
 Patch Description
 316971
 TU-017
 Google Chrome (86.0.4240.198)
 316972
 TU-017
 Google Chrome (x64) (86.0.4240.198)
 316973
 TU-1035
 Microsoft Edge for chromium business (86.0.622.68)
 316974
 TU-1035
 Microsoft Edge for chromium business (x64)   (86.0.622.68)


Cheers, 
The ManageEngine Team