Short Summary:
Multiple vulnerabilities were found in Google Chrome with High severity. These vulnerabilities can be exploited by an attacker by persuading a victim to visit a specially crafted Web site. Successful exploitation of these vulnerabilities can result in denial of service, security bypass, and arbitrary code execution.
Vulnerability Identifier:
- CVE-2020-16004
- CVE-2020-16005
- CVE-2020-16006
- CVE-2020-16007
- CVE-2020-16008
- CVE-2020-16009
- CVE-2020-16011
Affected Platform:
Windows, Mac, Linux
Vulnerable Platforms:
Versions Prior to Google Chrome 86.0.4240.183
Vulnerability Impact:
Denial of Service, Security Bypass, Arbitrary Code Execution
Rating:
| Vulnerability Rating | CVSS v3.0 |
| Base Score | 8.8 |
| Base Metrics | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| Vulnerability Rating | CVSS v2.0 |
| Base Score | 10 |
| Base Metrics | AV:N/AC:L/AU:N/C:C/I:C/A:C |
Defense Strategies:
Network and Browser
Fix Type:
Vendor fix
Reference URL:
https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop.html
Chrome 86.0.4240.183 is rolling out to users during the next days/weeks. Desktop users can upgrade by going to:
Settings -> Help -> About Google Chrome. Automatically the web-browser will then check for the new update and install it when available.
Leave A Comment