Chrome Security Update: US-CERT (Browser)

[KirstyAskWoody MVP]

Google Releases Security Updates for Chrome
https://www.us-cert.gov/ncas/current-activity/2017/06/06/Google-Releases-Security-Updates-Chrome

Original release date: June 06, 2017

 
Google has released Chrome version 59.0.3071.86 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the Chrome Releases (link is external) page and apply the necessary updates.

 
Comments on Stable Channel Update for Desktop (same external link as above) indicate this version addresses NTLMv2 credential leaks via SMB with SCF files.

1 user thanked author for this post.

NetDef

[KirstyAskWoody MVP]

Google Releases Security Updates for Chrome
https://www.us-cert.gov/ncas/current-activity/2017/06/15/Google-Releases-Security-Updates-Chrome

Original release date: June 15, 2017

 
Google has released Chrome version 59.0.3071.104 for Windows, Mac, and Linux. This version addresses several vulnerabilities, including one that an attacker could exploit to cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Chrome Releases (link is external) page and apply the necessary updates

• This reply was modified 1 year, 3 months ago by  Kirsty.
• This reply was modified 1 year, 3 months ago by  Kirsty.
• This reply was modified 1 year, 3 months ago by  Kirsty.
• This reply was modified 1 year, 3 months ago by  Kirsty.

[KirstyAskWoody MVP]

Google Releases Security Updates for Chrome
https://www.us-cert.gov/ncas/current-activity/2017/07/26/Google-Releases-Security-Updates-Chrome

Original release date: July 26, 2017

 
Google has released Chrome version 60.0.3112.78 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system.

Users and administrators are encouraged to review the Chrome Releases (link is external) page and apply the necessary updates.

[KirstyAskWoody MVP]

Google Releases Security Updates for Chrome
https://www.us-cert.gov/ncas/current-activity/2017/09/06/Google-Releases-Security-Updates-Chrome

Original release date: September 06, 2017

 
Google has released Chrome version 61.0.3163.79 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system.

Users and administrators are encouraged to review the Chrome Releases (link is external) page and apply the necessary updates.

[KirstyAskWoody MVP]

Google Releases Security Updates for Chrome
https://www.us-cert.gov/ncas/current-activity/2017/10/18/Google-Releases-Security-Updates-Chrome

Original release date: October 18, 2017

 
Google has released Chrome version 62.0.3202.62 for Windows, Mac, and Linux to address multiple vulnerabilities. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system.

US-CERT encourages users and administrators to review the Chrome Releases (link is external) page and apply the necessary updates.

1 user thanked author for this post.

EyesOnWindows

[KirstyAskWoody MVP]

Google Releases Security Update for Chrome
https://www.us-cert.gov/ncas/current-activity/2017/10/26/Google-Releases-Security-Update-Chrome

Original release date: October 26, 2017

 
Google has released Chrome version 62.0.3202.75 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to cause a denial-of-service condition.

US-CERT encourages users and administrators to review the Chrome Releases (link is external) page and apply the necessary update.

[KirstyAskWoody MVP]

Google Releases Security Update for Chrome
https://www.us-cert.gov/ncas/current-activity/2017/11/06/Google-Releases-Security-Update-Chrome

Original release date: November 06, 2017

 
Google has released Chrome version 62.0.3202.89 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

US-CERT encourages users and administrators to review the Chrome Releases (link is external) page and apply the necessary update.

[KirstyAskWoody MVP]

Google Releases Security Update for Chrome
https://www.us-cert.gov/ncas/current-activity/2017/12/06/Google-Releases-Security-Update-Chrome

Original release date: December 06, 2017

 
Google has released Chrome version 63.0.3239.84 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

US-CERT encourages users and administrators to review the Chrome Releases (link is external) page and apply the necessary update.

[KirstyAskWoody MVP]

Google Releases Security Update for Chrome
https://www.us-cert.gov/ncas/current-activity/2017/12/14/Google-Releases-Security-Update-Chrome

Original release date: December 14, 2017

 
Google has released Chrome version 63.0.3239.108 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.

US-CERT encourages users and administrators to review the Chrome Releases (link is external) page and apply the necessary update.

[KirstyAskWoody MVP]

Google Releases Security Update for Chrome
https://www.us-cert.gov/ncas/current-activity/2018/01/24/Google-Releases-Security-Update-Chrome

Original release date: January 24, 2018

 
Google has released Chrome version 64.0.3282.119 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to cause a denial-of-service condition.

NCCIC/US-CERT encourages users and administrators to review the Chrome Releases (link is external) page and apply the necessary update.

 

Chrome 64.0.3282.119 contains a number of fixes and improvements…
This release contains additional mitigations against speculative side-channel attack techniques.

[KirstyAskWoody MVP]

Google Releases Security Update for Chrome
https://www.us-cert.gov/ncas/current-activity/2018/03/06/Google-Releases-Security-Update-Chrome

Original release date: March 06, 2018

 
Google has released Chrome version 65.0.3325.146 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to obtain access to sensitive information.

NCCIC/US-CERT encourages users and administrators to review the Chrome Releases (link is external) page and apply the necessary update.

 

Chrome 65.0.3325.146 contains a number of fixes and improvements –
This update includes 45 security fixes.

[KirstyAskWoody MVP]

Google Releases Security Update for Chrome
https://www.us-cert.gov/ncas/current-activity/2018/04/18/Google-Releases-Security-Update-Chrome

Original release date: April 18, 2018

 
Google has released Chrome version 66.0.3359.117 for Windows, Mac, and Linux. This version addresses vulnerabilities that a remote attacker could exploit to take control of an affected system.

NCCIC encourages users and administrators to review the Chrome Releases (link is external) page and apply the necessary update.

 

Security Fixes:
Chrome 66 will not trust website certificates issued by Symantec’s legacy PKI before June 1st 2016, continuing the phased distrust outlined in our previous announcements.

This update includes 62 security fixes.

1 user thanked author for this post.

jburk07

[KirstyAskWoody MVP]

Google Releases Security Update for Chrome
https://www.us-cert.gov/ncas/current-activity/2018/05/29/Google-Releases-Security-Update-Chrome

Original release date: May 29, 2018

 
Google has released Chrome version 67.0.3396.62 for Windows, Mac, and Linux. This version addresses vulnerabilities that a remote attacker could exploit to take control of an affected system.

NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary update.

1 user thanked author for this post.

JohnS1606

[KirstyAskWoody MVP]

Google Releases Security Update for Chrome
https://www.us-cert.gov/ncas/current-activity/2018/06/07/Google-Releases-Security-Update-Chrome

Original release date: June 07, 2018

 
Google has released Chrome version 67.0.3396.79 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to take control of an affected system.

NCCIC encourages users and administrators to review the Chrome Releases page and apply the necessary update.

3 users thanked author for this post.

JohnS1606, OscarCP, Peacelady

[KirstyAskWoody MVP]

Google Releases Security Update for Chrome
https://www.us-cert.gov/ncas/current-activity/2018/07/24/Google-Releases-Security-Update-Chrome

Original release date: July 24, 2018

 
Google has released Chrome version 68.0.3440.75 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

NCCIC encourages users and administrators to review the Chrome Releases (link is external) page and apply the necessary update.

 
Also, see the Bank-Grade Security topic

[KirstyAskWoody MVP]

Chrome Bug Lets Attackers Steal Web Secrets via Audio or Video HTML Tags
By Catalin Cimpanu | August 15, 2018

 
Google has patched a vulnerability in the Chrome browser that allows an attacker to retrieve sensitive information from other sites via audio or video HTML tags.

Ron Masas, a security researcher with Imperva, discovered and reported this issue —tracked as CVE-2018-6177— to Google. The browser maker fixed the security hole at the end of July with the release of Chrome v68.0.3440.75.

The vulnerability can be exploited in older versions of Chrome in situations where an attacker can lure a victim on a malicious site, via malvertising (malicious code inside ads embedded on legitimate sites), or via vulnerabilities on legitimate sites where an attacker can inject and execute code —such as via stored cross-site scripting (XSS) flaws.

Attack leverages audio and video HTML tags

 
Read the full article here

[Author]

Posts