Google Chrome critical updates

Google Chrome critical updates

Hello folks,

 

On February 24, Google released a new stable channel update 80.0.3987.122, for Windows, Mac, and Linux. This was done to address several vulnerabilities in Google chrome. There were 3 security updates released out of which CVE-2020-6418 is rumored to be exploited in the wild. Google further affirms this saying that they were aware this exploit existed in the wild and could have been exploited as a zero-day.

 

List of the security updates released:

  • CVE-2020-6407: Out of bounds memory access in streams. 

  • CVE-2020-6418: Type confusion in V8

  • Integer overflow in ICU has also been addressed in this release.

The proof of concept for the vulnerability CVE-2020-6418, is not publicly available. However these vulnerabilities are rated 'Critical' and we would suggest you to patch them as soon as possible. With Patch Manager Plus, you can do the same by initiating the patch database sync, searching for the following Patch IDs or Bulletin ID, and installing these updates 

 

Bulletin ID - TU-017

  • 313038 - Google Chrome (80.0.3987.122)

  • 313039 - Google Chrome (x64) (80.0.3987.122) 

 

Cheers,

ManageEngine team

                New to ADSelfService Plus?