Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2014.0138 Stable Google Chrome update addresses multiple vulnerabilities 27 November 2014 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: Windows OS X Linux variants Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2014-8439 Member content until: Saturday, December 27 2014 Reference: ESB-2014.2222 OVERVIEW Google has released Chrome 39.0.2171.71 which includes an update for Adobe Flash and Adobe AIR as well as other fixes. [1] IMPACT Google references the Adobe Security bulletin, which provides the following details regarding the vulnerabilities: "These updates provide additional hardening against CVE-2014-8439, which was mitigated in the October 14, 2014 release". [2] MITIGATION The vendor recommends updating to the latest version of Google Chrome to correct these issues. [1] REFERENCES [1] Stable Channel Update http://googlechromereleases.blogspot.com.au/2014/11/stable-channel-update_25.html [2] Adobe Security Bulletin http://helpx.adobe.com/security/products/flash-player/apsb14-26.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVHZ4bhLndAQH1ShLAQL3SA/+PjeF4PaffdWHCGIcMbex7gVl2+jR23om 04YEl9QzQ1KqSloS/KEv1w6KmjsCGxj3sS+EL+TZnJu6IpVp5s2rFG7WT75kE43l /rPLHJAWWGVy66qpv7ao66yTJ9y36OKUWQYVGf3KibIB6heb0hqTHo1r6+7rx2rh gb1O50TMDFU/gsm8edFuBDCLUrE2q21EIgevP6sKXHAUAji7zX/KSzK9dxvrt5fT Kph96EIi+mR2Bh7jFUGYrEkEsaRp0PmJrvV6u8ioPKwkKfzYBtKf4faCpqNHna6X b6FHMXlW8IbaefB/h4gjKiQfXL2lqvVZL83JCfvbLlAjl6dYj4t8lH+auCoO/Cex zDh0MAIltIJuMHASr2U87+wv8477CuYnA1DYcmt+XY3Hx2zhBWSP7+NMJo6IrbZ2 /DB6BeZVh42ea7/H8JVc4qDN+RIgCy3raSyaa5yGNEqHQyo4eF6+sRDSAwczfR18 6gdixYiOd3vx+S0hwgoiezx2PwQVAOExt1hICpiL90gOfYw7uupl8/wzYFbPbHMB 5WczcMCFiqFvhYkUbBh133YroAx5e6tST/tJnERwEA09pipC2j5zuguzCpUxKdAm ZU7SU/qrsGYkV9fG1NmsnfT9tgbcEo2ocuvHxApLYxu1cLIKImV/d4WNlKT0Azjq IaGovoh+CJE= =zASD -----END PGP SIGNATURE-----