Google Chrome Remote Code Execution Vulnerability
Release Date: 12 Sep 2023
RISK: Extremely High Risk
TYPE: Clients - Browsers
A vulnerability was identified in Google Chrome. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Note:
For CVE-2023-4863, heap buffer overflow in WebP may lead to arbitrary code execution. Google is aware that an exploit for CVE-2023-4863 exists in the wild.
Impact
- Remote Code Execution
System / Technologies affected
- Google Chrome prior to 116.0.5845.187 (Linux)
- Google Chrome prior to 116.0.5845.187 (Mac)
- Google Chrome prior to 116.0.5845.187/.188 (Windows)
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
Apply fixes issued by the vendor:
- Update to version 116.0.5845.187 (Linux) or later
- Update to version 116.0.5845.187 (Mac) or later
- Update to version 116.0.5845.187/.188 (Windows) or later
沒有留言:
發佈留言