Updating Chrome is becoming an almost daily task lately. But it’s too important to ignore.
On Wednesday, July 8, Google released another Chrome update, just one day later after the previous one.
Between them, the two updates fixed 27 security vulnerabilities, including two critical flaws that could be exploited to compromise Chrome. Google says both are “use-after-free” memory vulnerabilities, which can sometimes allow attackers to run malicious code. Google has not reported any of these vulnerabilities as being actively exploited.
The Stable channel has been updated to 150.0.7871.114/.115 for Windows and macOS, and 150.0.7871.114 for Linux. The updates will roll out over the coming days and weeks.
Read more…
Source: MalawareBytes Labs
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CISA Releases Four Industrial Control Systems Advisories
August 31, 2023
CISA released four Industrial Control Systems (ICS) advisories on August 31, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-243-01 ARDEREG Sistemas SCADA ICSA-23-243-02 GE Digital CIMPLICITY Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Multiple Threats Target Adobe ColdFusion Vulnerabilities
August 30, 2023
This past July, Adobe responded to reports of exploits targeting pre-authentication remote code execution (RCE) vulnerabilities in their ColdFusion solution by releasing a series of security updates: APSB23-40, APSB23-41, and APSB23-47. An in-depth analysis of those exploits has been documented by Project Discovery, including a significant vulnerability in the WDDX deserialization process within Adobe ColdFusion ...
- Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868)
August 29, 2023
On June 15, 2023, Mandiant released a blog post detailing an 8-month-long global espionage campaign conducted by a Chinese-nexus threat group tracked as UNC4841. Over the course of this follow up blog post, Mandiant researchers will detail how UNC4841 has continued to show sophistication and adaptability in response to remediation efforts. Specifically, UNC4841 deployed new and ...
- CISA Releases IOCs Associated with Malicious Barracuda Activity
August 29, 2023
CISA has released additional indicators of compromise (IOCs) associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. Malicious threat actors exploited this vulnerability as a zero day as early as October 2022 to gain access to ESG appliances. Read more… Source: U.S. Cybersecurity and Infrastructure ...
- CISA Releases Six Industrial Control Systems Advisories
August 24, 2023
CISA released six Industrial Control Systems (ICS) advisories on August 24, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-236-01 KNX Protocol ICSA-23-236-02 Opto 22 SNAP PAC S1 Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Adds Two Known Exploited Vulnerabilities to Catalog
- CISA Releases Four Industrial Control Systems Advisories
August 22, 2023
CISA released four Industrial Control Systems (ICS) advisories on August 22, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-234-01 Hitachi Energy AFF66x ICSA-23-234-02 Trane Thermostats Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency

