Source: Ministry of education information & communication security contingency platform
Publication Number | TACERT-ANA-2024051411052929 | Publication Time | 2024/05/14 11:47 |
Incident Type | ANA-Vulnerability Alert | Discovery Time | 2024/05/14 11:47 |
Impact Level | Medium | ||
[Subject] 【Vulnerability Alert】 Google has recently released a security advisory for Chrome, recommending users to assess updates promptly! |
|||
[Content] Forwarded from the National Institute of Cyber Security NISAC-200-202405-00000001 Google has released new versions 124.0.6367.201 and 202 of the Chrome browser. This release primarily aims to patch a high-risk vulnerability, CVE-2024-4671. This vulnerability stems from a flaw in the rendering engine component, which exhibits a "Use After Free" vulnerability, potentially leading to crashes, remote code execution, or privilege escalation. Information Sharing Level: WHITE (Information content can be publicly disclosed) |
|||
[Affected Platform] ●Chrome versions prior to 124.0.6367.201 |
|||
[Recommended Actions] Please refer to the instructions and handling recommendations on the official Google website to update the Chrome browser to versions 124.0.6367.201 and 202 (inclusive). ●chrome://settings/help |
|||
[Reference] 1. iThome:https://www.ithome.com.tw/news/162822 2. microsoft-CVE-2024-4671:https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-4671 |