On 11/06/2017, an advisory was released stating that the Chrome web browser had several serious vulnerabilities which may allow remote code execution, including:

  • A stack buffer overflow in QUIC. (CVE-2017-15398)
  • A use after free in V8. (CVE-2017-15399)

While no exploits in the wild are known as of yet, all it would take for someone to get into your system would be getting redirected to a specially crafted website which leveraged one of these vulnerabilities.

Good news! Google has recently released a patch. Everyone should ensure that their Chrome browsers are updated to the latest version (62.0.3202.94 as of this writing). If your version is below 62.0.3202.89, you are vulnerable.

Generally, Chrome will update itself when it gets the chance, but if you’re one to leave your browser open for long periods of time, it may not have updated yet. For peace of mind, check your version by clicking on the three-dot menu icon in the top right, selecting “Help”, and then “About Google Chrome.”

 

Stay cyber-safe,

SecuLore Support Team

Other Alerts

  • Cyber Alert: Mitel and Oracle Vulnerabilities

    2025-01-13

  • Cyber Alert: Ivanti Connect Secure Flaw

    2025-01-13

  • Cyber Alert: Zyxel Firewall Vulnerability

    2024-12-05

  • Cyber Alert: Array Networks Critical Vulnerability

    2024-12-02

  • Cyber Alert: Palo Alto Expedition Migration Vulnerability

    2024-11-12

Cybersecurity for Critical Infrastructure

SecuLore provides Managed Detection and Response (MDR) to protect our nation’s critical infrastructure from cyber threats. Our expertise is built on deep knowledge of 9-1-1 technology, cyberwarfare, and ethical hacking, ensuring the highest level of cybersecurity for public safety agencies.

  • 24/7 Vulnerability & Threat Monitoring

  • Automated & AI Threat Detection

  • Specialized Threat Intelligence

  • Proactive Threat Hunting

  • Incident Response & Remediation

  • Forensics & Root Cause Analysis