Hello everyone,
Google has recently patched 2 actively exploited zero-day vulnerabilities in Chrome, making this the fourth and fifth actively exploited vulnerability addressed in the past week. The details of the vulnerabilities are as follows:
CVE ID
| Vulnerability
| Impact
|
CVE-2020-16013
| [Chrome] Inappropriate implementation of V8 JavaScript
| Remote code execution
|
CVE-2020-16017
| [Chrome] Use-after-free memory corruption issue in Chrome's site isolation feature
| Memory corruption
|
CVE-2020-16016
| [Edge for Chromium] Inappropriate implementation in base
| High severity
|
Chrome has updated it stable channel to 86.0.4240.198 for Windows, Mac & Linux. along with this, there are updates released for Edge for Chromium as well. To deploy these updates, initiate a sync between the Central Patch Repository and the Vulnerability Manager Plus server. Once synced, search for the following Patch IDs or Bulletin ID and deploy them to your target computers
Patch ID
| Bulletin ID
| Patch Description
|
316971
| TU-017
| Google Chrome (86.0.4240.198)
|
316972
| TU-017
| Google Chrome (x64) (86.0.4240.198)
|
316973
| TU-1035
| Microsoft Edge for chromium business (86.0.622.68)
|
316974
| TU-1035
| Microsoft Edge for chromium business (x64) (86.0.622.68)
|
Cheers,
The ManageEngine Team