Multiple Vulnerabilities in Google Chrome

Tags: English. Risk Level: Medium.

Systems Affected

Google Chrome versions prior to 88.0.4324.182 for Windows, Mac, and Linux

Overview

Multiple vulnerabilities have been identified in the Google Chrome web browser which could allow an attacker to run arbitrary codes and gain total control of the targeted system.

Description

These vulnerabilities exist in Google Chrome due to stack overflow in data transfer and GPU process components, use after free in downloads, payments, and web sockets components, and heap buffer overflow in media, tap strip, and V8 components. An attacker could exploit these vulnerabilities by persuading a user to visit a specially crafted website.

Impact

  ✻ Exposing sensitive information to unauthorized parties
  ✻ Unauthorized access
  ✻ Execute of unwanted/malicious programs/codes
  ✻ Malware infections

Solution/ Workarounds

  ✻ Update to Google Chrome version 88.0.4324.182

References

  ✻ https://chromereleases.googleblog.com/2021/02/stable-channel-update-for-desktop_16.html
  ✻ https://www.cert-in.org.in/
  ✻ https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitrary-code-execution_2021-026/

Disclaimer

The information provided herein is on “as is” basis, without warranty of any kind.