Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2018.0266 Chrome Stable Channel Update for Desktop 70.0.3538.67 18 October 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: UNIX variants (UNIX, Linux, OSX) Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Provide Misleading Information -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Unauthorised Access -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2018-17477 CVE-2018-17476 CVE-2018-17475 CVE-2018-17474 CVE-2018-17473 CVE-2018-17472 CVE-2018-17471 CVE-2018-17470 CVE-2018-17469 CVE-2018-17468 CVE-2018-17467 CVE-2018-17466 CVE-2018-17465 CVE-2018-17464 CVE-2018-17463 CVE-2018-17462 CVE-2018-5179 Member content until: Saturday, November 17 2018 OVERVIEW Multiple vulnerabilities have been addressed in Google Chrome for Windows, Mac and Linux version 70.0.3538.67 [1] IMPACT The vendor has provided the following summary: "[$N/A][888926] High CVE-2018-17462: Sandbox escape in AppCache. Reported by Ned Williamson and Niklas Baumstark working with Beyond Security's SecuriTeam Secure Disclosure program on 2018-09-25 [$N/A][888923] High CVE-2018-17463: Remote code execution in V8. Reported by Samuel Gross working with Beyond Security's SecuriTeam Secure Disclosure program on 2018-09-25 [$3500][872189] High CVE to be assigned: Heap buffer overflow in Little CMS in PDFium. Reported by Quang Nguyen (@quangnh89) of Viettel Cyber Security on 2018-08-08 [$3000][887273] High CVE-2018-17464: URL spoof in Omnibox. Reported by xisigr of Tencent's Xuanwu Lab on 2018-09-20 [$3000][870226] High CVE-2018-17465: Use after free in V8. Reported by Lin Zuojian on 2018-08-02 [$1000][880906] High CVE-2018-17466: Memory corruption in Angle. Reported by Omair on 2018-09-05 [$3000][844881] Medium CVE-2018-17467: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-05-19 [$2000][876822] Medium CVE-2018-17468: Cross-origin URL disclosure in Blink. Reported by James Lee (@Windowsrcer) of Kryptos Logic on 2018-08-22 [$1000][880675] Medium CVE-2018-17469: Heap buffer overflow in PDFium. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-09-05 [$1000][877874] Medium CVE-2018-17470: Memory corruption in GPU Internals. Reported by Zhe Jin(??),Luyao Liu(???) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-08-27 [$1000][873080] Medium CVE-2018-17471: Security UI occlusion in full screen mode. Reported by Lnyas Zhang on 2018-08-10 [$1000][822518] Medium CVE-2018-17472: iframe sandbox escape on iOS. Reported by Jun Kokatsu (@shhnjk) on 2018-03-16 [$500][882078] Medium CVE-2018-17473: URL spoof in Omnibox. Reported by Khalil Zhani on 2018-09-08 [$500][843151] Medium CVE-2018-17474: Use after free in Blink. Reported by Zhe Jin(??),Luyao Liu(???) from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd on 2018-05-15 [$500][852634] Low CVE-2018-17475: URL spoof in Omnibox. Reported by Vladimir Metnew on 2018-06-14 [$500][812769] Low CVE-2018-17476: Security UI occlusion in full screen mode. Reported by Khalil Zhani on 2018-02-15 [$500][805496] Low CVE-2018-5179: Lack of limits on update() in ServiceWorker. Reported by Yannic Bonenberger on 2018-01-24 [$N/A][863703] Low CVE-2018-17477: UI spoof in Extensions. Reported by Aaron Muir Hamilton <aaron@correspondwith.me> on 2018-07-14" [1] MITIGATION The vendor advises updating to Chrome 70.0.3538.67 to address these issues. [1] REFERENCES [1] Stable Channel Update for Desktop https://chromereleases.googleblog.com/2018/10/stable-channel-update-for-desktop.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBW8hAyWaOgq3Tt24GAQgHwA/8Do9ys7QhbolVbYXsU+vHQaVSFm7yTPpL N8xLkk4YBjFK9u2H3MftDimBjIKR1/43HXE9E1+Hy+huHz6R5cMsyriZ4iLDdLpN XNpsM9w/xoCCzKfLj7zoKGEOT5MnirDk2unasSR5G2yUB/6UTo3nfqz5tk/Y53IG FYzelRZ1hJuhXRdYipGYgBWZW2fQMiq9xGHicX3SdVk1SBL4UNJQs1otztYjbBnY C8O3d9glqbHO0sqdeXOqXmbiNgu9lVPOJqGilVtXVMsd7HSaviLCwj8+jGrW78At /nfsj6FJzqrV32ZAT4xdpVDR5G0REsPVGDxMGXgeDO52Er8HHdsWER1OH1gCyNAd izmyfuv8VE+Ikq7IvGN9KBgJJ+XT1f6y3Pxzfovo0CTIs8bD006hoRMDQw56nohH X6Lh5Sr+WPpx1gB/EPWjg5YlkJZgvGhd4OdpqiEejhDldqj9xCUvuJHHAEXtb6Un YypyP64uC1y6oeBAwOZXUbhxLSvD4ZqUmCWxxllAvdtuV43HEKdAZvO9F4uNCEyI kmMEZ4vRWScOd8ZjK+mJljNxbUn09fT3mr7wtm2OLvW7JOzpH7cIxDsrl5ELdNZo hjgayVSJ9c8EU6CTdLkvUmgzP5clhTQ3l00wSvXgpUyNe30JPR9sbE9Svv19wTRa otyK2dXhhvM= =RDNT -----END PGP SIGNATURE-----