Patch now! 2 new use-after-free zero day vulnerabilities in Chrome.

Google Chrome decided to spook its users this Halloween by issuing an update that fixes 2 new use-after-free vulnerabilities "CVE-2019-13720" and "CVE-2019-13721", of which CVE-2019-13720 is already exploited in the wild. Use-after-free flaw, which in the least could result in a crash or could be leveraged by an attacker to run arbitrary codes or even enable remote code execution.

CVE-2019-13720 - affects the Chrome's audio component.

CVE-2019-13721- affects the PDFium library.

Google also announced, "Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed."

Resolution:

To stay secure against the aforementioned vulnerabilities, kindly update your systems to the latest chrome version 78.0.3904.87 by deploying the following patches with Desktop Central:

Patch ID:

311540 (64 bit)

311539 (32 bit)

Happy patching!