Srini Jagan Posted November 4, 2019 Report post Posted November 4, 2019 Google Chrome decided to spook its users this Halloween by issuing an update that fixes 2 new use-after-free vulnerabilities "CVE-2019-13720" and "CVE-2019-13721", of which CVE-2019-13720 is already exploited in the wild. Use-after-free flaw, which in the least could result in a crash or could be leveraged by an attacker to run arbitrary codes or even enable remote code execution. CVE-2019-13720 - affects the Chrome's audio component. CVE-2019-13721- affects the PDFium library. Google also announced, "Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed." Resolution: To stay secure against the aforementioned vulnerabilities, kindly update your systems to the latest chrome version 78.0.3904.87 by deploying the following patches using Patch Connect Plus, an integration software for third-party patching for SCCM: Patch ID: 311540 (64 bit) 311539 (32 bit) Happy patching! Stay secure! Quote Share this post Link to post Share on other sites More sharing options...
