Google fixes several high severity vulnerabilities in its Chrome 109.0.5414.74/75/87 Stable Channel update

Google fixes several high severity vulnerabilities in its Chrome 109.0.5414.74/75/87 Stable Channel update

Hey everyone,

Chrome Stable Channel has been updated to 109.0.5414.74/75 for Windows and 109.0.5414.87 for Mac and  109.0.5414.74 for Linux. This update comes with 17 security fixes. The details of the vulnerabilities fixed are mentioned below:

CVE ID
Vulnerability
Severity
CVE-2023-0128
Use after free in Overview Mode
High
CVE-2023-0129
Heap buffer overflow in Network Service
High
CVE-2023-0130
Inappropriate implementation in Fullscreen API
Medium
CVE-2023-0131
Inappropriate implementation in iframe Sandbox
Medium
CVE-2023-0132
Inappropriate implementation in Permission prompts
Medium
CVE-2023-0133
Inappropriate implementation in Permission prompts.
Medium
CVE-2023-0134
Use after free in Cart
Medium
CVE-2023-0135
Use after free in Cart
Medium
CVE-2023-0136
Inappropriate implementation in Fullscreen API
Medium
CVE-2023-0137
Heap buffer overflow in Platform Apps
Medium
CVE-2023-0138
Heap buffer overflow in libphonenumber
Low
CVE-2023-0139
Insufficient validation of untrusted input in Downloads
Low
CVE-2023-0140
Inappropriate implementation in File System API
Low
CVE-2023-0141
Insufficient policy enforcement in CORS
Low


To install this update on your Windows / Mac machines, initiate a sync between the Central Patch Repository and the Endpoint Central / Patch Manager Plus / Vulnerability Manager Plus server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

Patch ID
Bulletin ID
Patch Description
328484
TU-017
Google Chrome (x64) 
(109.0.5414.75)
 
328483
TU-017 
Google Chrome
(109.0.5414.75) 
604659
MAC-012
Google Chrome For Mac (109.0.5414.87)

Cheers,

The ManageEngine Team





                New to ADSelfService Plus?