Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2019.0066.2 Google Chrome for desktop receives security updates 7 March 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Google Chrome Operating System: Windows Linux variants Mac OS Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2019-5786 Member content until: Wednesday, April 3 2019 Revision History: March 7 2019: Actively exploited in attacks in the wild. March 4 2019: Initial Release OVERVIEW The Chrome team has released an update which includes a security fix for CVE-2019-5786. [1] IMPACT CVE-2019-5786 is a high severity issue, causing a use-after-free condition in FileReader.[1] MITIGATION The vendor has advised that the 72.0.3626.121 update for Windows, Mac, and Linux will roll out over the coming days/weeks. [1] REFERENCES [1] Stable Channel Update for Desktop https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXIBhkGaOgq3Tt24GAQiawhAAmAybqjC0XQ6oX63F+JIPUWdiDiSureWC xsdnCGnKE2sRNHoWfKczYYGdxtDSdjQ9z5OoGFH3AY+B616mtDpGL3jGu6v9mYDC 6202J8EuDmmkGEefFQH1evBynjV7HS2/Gv7Ms5Z/B9S0L3xLBdku7neo1LV4iX4e hetwTXN8snkPTZVC1c9y8m8grpawlXXrVNWIz+ciG7sO0ZWEd0XjZami/YBiGfQ3 Z27MI76klHgqZi2MFDBmHQBxiogjqI7qb1ZKQEwFM53033M5qLSgkBL0GGAiCKgS HdybubhyfMOpVcELyPvQkGe36KWXPE4X0Rf+BQlMsyC7WuSGjDT2qO8i0yoDTGv9 +NTGQGy9IosOR09QMsncCbL4bRG7VuUskN9eCWYwjqnqbgZDdfH9ixZP+EblLcxO xh0tgwysifXMzMp1gRPTZ36avkpuS/hR9p5bduXJM6pNxGqVB+SvOvom8pmF1+Uz 13bVbZFfdJI3nJ1W5IJyVAIviSuQZDXLlEZpoReU/nzmlGlNRMv94BD7chVt4JEB JhxfLqrzOeFwOiTn/9tJ25+x/BWC775IVj0b2+PVxq+lVKfh/QdpYlVJLNAaqA51 lAeiqeUKRXmJFmzKg6AsyWWIQ9uLW6CYhVY8hxWR8BBR5L79rhplSN+qgKOiE0WY YOCYBs/KIXE= =JcfD -----END PGP SIGNATURE-----