January 25, 2023
Google Patches Chrome Vulnerabilities, 2 Critical RCEs
Google has released Chrome version 109.0.5414.119/120 for Mac and Linux and Windows, patching 2 RCE vulnerabilities.
Successful exploitation might lead to remote code execution (RCE).
The RCE Vulnerabilities
- CVE-2023-0471, High-Severity – Use after free vulnerability in WebTransport.
- CVE-2023-0472, High-Severity – Use after free vulnerability in WebRTC.
These vulnerabilities can be exploited remotely, which could have devastating effects ranging from corruption of valid data to the execution of malicious code on a compromised machine.
These vulnerabilities affect all Chrome and Chromium based browsers.
CYREBRO recommends to updating browsers to the latest Chrome version, 109.0.5414.119/120 for Windows, Mac and Linux.
For the full patched vulnerabilities list, visit Chrome Releases.
References: Chrome Releases.