Google Patches RCE Vulnerability in the New Chrome Update Release

Google has released Chrome Version 92.0.4515.131 for Windows, Mac and Linux.

The update patches 10 vulnerabilities, including a high severity vulnerability which may lead to Remote Code Execution on the affected system.

The Remote Code Execution Vulnerability

A sandbox escape vulnerability that can be “exploited in combination with an extension or a compromised renderer.”

An attacker can leverage the vulnerability to achieve remote code execution outside Chrome’s sandbox.

Affected Versions

  • Google Chrome for Desktop prior version 92.0.4515.131.

Mitigation

CYREBRO recommends updating Chrome for Desktop to the latest available release (92.0.4515.131 at minimum).

References: Google Chrome Releases

 

CYREBRO Cyber Threat Intelligence (CTI) alerts are researched and published by CYREBRO threat intelligence specialists. The aim is to share information about the latest threats and vulnerabilities and provide recommended mitigation tactics.  

Sign Up for Updates