Hello everyone,
The latest stable version of the web browser ' Google Chrome ', version 83.0.4103.61, aka Chrome 83, is released for Windows, Mac and Linux. This update contains 38 security fixes and packs a number of new features including enhanced privacy controls, new settings for managing cookie files, a new Safety Check option, support for tab groups, new graphics for web form elements, a new API for detecting barcodes, and a new anti-XSS security feature.
Here's a quick glance at the list of CVE IDs resolved in the latest update.
High CVE-2020-6465: Use after free in reader mode.
High CVE-2020-6466: Use after free in media.
High CVE-2020-6467: Use after free in WebRTC
High CVE-2020-6468: Type Confusion in V8.
High CVE-2020-6469: Insufficient policy enforcement in developer tools.
Medium CVE-2020-6470: Insufficient validation of untrusted input in clipboard.
Medium CVE-2020-6471: Insufficient policy enforcement in developer tools.
Medium CVE-2020-6472: Insufficient policy enforcement in developer tools.
Medium CVE-2020-6473: Insufficient policy enforcement in Blink.
Medium CVE-2020-6474: Use after free in Blink.
Medium CVE-2020-6475: Incorrect security UI in full screen.
Medium CVE-2020-6476: Insufficient policy enforcement in the tab strip.
Medium CVE-2020-6477: Inappropriate implementation in the installer.
Medium CVE-2020-6478: Inappropriate implementation in full screen.
Medium CVE-2020-6479: Inappropriate implementation in sharing.
Medium CVE-2020-6480: Insufficient policy enforcement in enterprise.
Medium CVE-2020-6481: Insufficient policy enforcement in URL formatting.
Medium CVE-2020-6482: Insufficient policy enforcement in developer tools.
Medium CVE-2020-6483: Insufficient policy enforcement in payments.
Medium CVE-2020-6484: Insufficient data validation in ChromeDriver.
Medium CVE-2020-6485: Insufficient data validation in media router.
Medium CVE-2020-6486: Insufficient policy enforcement in navigations.
Low CVE-2020-6487: Insufficient policy enforcement in downloads.
Low CVE-2020-6488: Insufficient policy enforcement in downloads.
Low CVE-2020-6489: Inappropriate implementation in developer tools.
Low CVE-2020-6490: Insufficient data validation in loader.
Low CVE-2020-6491: Incorrect security UI in site information.
Resolution:
To patch these vulnerabilities, initiate database sync between the Patch Manager Plus server and the Central Patch repository. Search for the following Patch IDs or Bulletin IDs and administer them to your target systems.
Patch ID | Bulletin ID | Description |
314312 | TU-017 | Google Chrome (83.0.4103.61) |
314313 | TU-017 | Google Chrome (x64) (83.0.4103.61) |