Security vulnerabilities fixed in Chrome stable channel 86.0.4240.75 update

Security vulnerabilities fixed in Chrome stable channel 86.0.4240.75 update

Hello everyone, 


Chrome 86 has been promoted to stable channel Chrome 86.0.4240.75, for Windows, Mac and Linux. This update comes with several fixes and improvements. Below are the details of the security fixes:

  CVE ID
  Vulnerability
  Severity
  CVE-2020-15967
  Use after free in payments
  Critical 
  CVE-2020-15968
  Use after free in Blink
  High
  CVE-2020-15969
  Use after free in WebRTC
  High
  CVE-2020-15970
  Use after free in NFC
  High
  CVE-2020-15971
  Use after free in printing
  High
  CVE-2020-15972
  Use after free in audio
  High
  CVE-2020-15973
  Insufficient policy enforcement in extensions
  Medium
  CVE-2020-15974
  Integer overflow in Blink
  Medium
  CVE-2020-15975
  Integer overflow in SwiftShader
  Medium
  CVE-2020-15976
  Use after free in WebXR
  Medium
  CVE-2020-15977
  Insufficient data validation in dialogs
  Medium
  CVE-2020-15978
  Insufficient data validation in navigation
  Medium
  CVE-2020-15979
  Inappropriate implementation in V8
  Medium
  CVE-2020-15980
  Insufficient policy enforcement in Intents
  Medium
  CVE-2020-15981
  Out of bounds read in audio
  Medium
  CVE-2020-15982
  Side-channel information leakage in cache
  Medium
  CVE-2020-15983
  Insufficient data validation in webUI
  Medium
  CVE-2020-15984
  Insufficient policy enforcement in Omnibox
  Medium
  CVE-2020-15985
  Inappropriate implementation in Blink
  Medium
  CVE-2020-15986
  Integer overflow in media
  Medium
  CVE-2020-15987
  Use after free in WebRTC
  Medium
  CVE-2020-15988
  Insufficient policy enforcement in downloads
  Low
  CVE-2020-15989
  Uninitialized Use in PDFium
  Low
  CVE-2020-15990
  Use after free in autofill
  High
  CVE-2020-15991
  Use after free in password manager
  High
  CVE-2020-15992
  Insufficient policy enforcement in networking
  Medium
  CVE-2020-6557
  Inappropriate implementation in networking
  Medium

To apply these fixes using Patch Manager Plus, initiate a sync between the Central Patch Repository and Patch Manager Plus. Search for the following Patch IDs or Bulletin ID and deploy them in your target machines


Patch ID

Bulletin ID

Patch description 

316361

TU-017

Google Chrome (86.0.4240.75)

316362

TU-017

Google Chrome (x64) (86.0.4240.75)

 

Cheers, 

The ManageEngine team



                New to ADSelfService Plus?