25 September 2014
Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2014.0108 A vulnerability has been identified in Google Chrome 25 September 2014 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: Windows OS X Impact/Access: Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2014-1568 Member content until: Saturday, October 25 2014 Reference: ASB-2014.0107 ESB-2014.1663 OVERVIEW A vulnerability has been identified in Google Chrome prior to version 37.0.2062.124.  IMPACT The vendor has provided the following details regarding this vulnerability: " RSA signature malleability in NSS (CVE-2014-1568). Thanks to Antoine Delignat-Lavaud of Prosecco/INRIA, Brian Smith and Advanced Threat Research team at Intel Security"  MITIGATION The vendor recommends updating to the latest version of Google Chrome to correct this issue.  REFERENCES  Stable Channel Update http://googlechromereleases.blogspot.com.au/2014_09_01_archive.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: firstname.lastname@example.org Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVCOckxLndAQH1ShLAQLAOxAAjaMqCKGZs49FBXACUjESHLPK02xstucn Svm3ZKji8b/4rvUThth7GBi25JFGMb283igEPljnF5dhhfhmEfU3nLZdg1av84Bc maaYW25B50dcYc21WUlTX81QpRUX+iF5yPZXf8eFi8CeXSpkKXi2wKXwbdv2VdWj YUdjqkdXGKl1thGCO0U3uA9bfmzJCrOEshIQ62fB5xR4DjFwthvds8KKpXkObOGZ D1l958mVm87poTdMn4lyCro+0XhCni+ty3EX7CPOcl3iJI4BrGJWgmzObq2dmwfN RjZQONXCrgXZe0iRCPClqDj3iNRd2yUXPThYUW73tAVgk1asDfKMQ8RXllgGJoCZ eoIKDGgSn2cAgEygdPjQrV5qw7kIdad4ricvCVtuk0dQsR3y8VzD1OFxby2xNxQS j/AxO8Goo/ygPtXYnRgXScneZF9334pJgUsLlqUm5mnzU3S7BToRQ0v8XEzNhD2Q sy4vR1s9G0KI1Z8qL9o6WRa4RTSu7UaYJTAnySP3vnyDxS6Zxzf5yWPleXApfg8d DyK2KnXlvVvui51WUa5EUlNb5uu2tx0RCZh43f6WwJQg4485+ZB2cZggFseoX7Fx WBf/BeeZwusZqGoXVBU5V3aIulsxIeSBC3dA6tefcBpYpwBOzgXQVL3VogaNSeOD o/ovnFqj5AI= =GTTd -----END PGP SIGNATURE-----