Source: Ministry of education information & communication security contingency platform
| Publication Number | TACERT-ANA-2024051411052929 | Publication Time | 2024/05/14 11:47 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2024/05/14 11:47 |
| Impact Level | Medium | ||
| [Subject] 【Vulnerability Alert】 Google has recently released a security advisory for Chrome, recommending users to assess updates promptly! |
|||
| [Content] Forwarded from the National Institute of Cyber Security NISAC-200-202405-00000001 Google has released new versions 124.0.6367.201 and 202 of the Chrome browser. This release primarily aims to patch a high-risk vulnerability, CVE-2024-4671. This vulnerability stems from a flaw in the rendering engine component, which exhibits a "Use After Free" vulnerability, potentially leading to crashes, remote code execution, or privilege escalation. Information Sharing Level: WHITE (Information content can be publicly disclosed) |
|||
| [Affected Platform] ●Chrome versions prior to 124.0.6367.201 |
|||
| [Recommended Actions] Please refer to the instructions and handling recommendations on the official Google website to update the Chrome browser to versions 124.0.6367.201 and 202 (inclusive). ●chrome://settings/help |
|||
| [Reference] 1. iThome:https://www.ithome.com.tw/news/162822 2. microsoft-CVE-2024-4671:https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-4671 |
|||