1. Cybersecurity >
  2. Cybersecurity Nachrichten >
  3. Stable Channel Update for Desktop

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

Stable Channel Update for Desktop


IT Security Nachrichten vom | Direktlink: feedproxy.google.com Nachrichten Bewertung

The stable channel has been updated to 84.0.4147.125 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.

A list of all changes is available in the log. Interested in switching release channels? Find out how. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.

Security Fixes and Rewards
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.

This update includes 15 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.

[$10000][1107433] High CVE-2020-6542: Use after free in ANGLE. Reported by Piotr Bania of Cisco Talos on 2020-07-20
[$7500][1104046] High CVE-2020-6543: Use after free in task scheduling. Reported by Looben Yang on 2020-07-10
[$7500][1108497] High CVE-2020-6544: Use after free in media. Reported by Tim Becker of Theori on 2020-07-22
[$5000][1095584] High CVE-2020-6545: Use after free in audio. Reported by Anonymous on 2020-06-16
[$TBD][1100280] High CVE-2020-6546: Inappropriate implementation in installer. Reported by Andrew Hess (any1) on 2020-06-29
[$TBD][1102153] High CVE-2020-6547: Incorrect security UI in media. Reported by David Albert on 2020-07-05
[$TBD][1103827] High CVE-2020-6548: Heap buffer overflow in Skia. Reported by Choongwoo Han, Microsoft Browser Vulnerability Research on 2020-07-09
[$N/A][1105426] High CVE-2020-6549: Use after free in media. Reported by Sergei Glazunov of Google Project Zero on 2020-07-14
[$N/A][1106682] High CVE-2020-6550: Use after free in IndexedDB. Reported by Sergei Glazunov of Google Project Zero on 2020-07-17
[$N/A][1107815] High CVE-2020-6551: Use after free in WebXR. Reported by Sergei Glazunov of Google Project Zero on 2020-07-21
[$TBD][1108518] High CVE-2020-6552: Use after free in Blink. Reported by Tim Becker of Theori on 2020-07-22
[$TBD][1111307] High CVE-2020-6553: Use after free in offline mode. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-30
[$5000][1094235] Medium CVE-2020-6554: Use after free in extensions. Reported by Anonymous on 2020-06-12
[$1000][1105202] Medium CVE-2020-6555: Out of bounds read in WebGL. Reported by Marcin Towalski of Cisco Talos on 2020-07-13

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

As usual, our ongoing internal security work was responsible for a wide range of fixes:[1114335] Various fixes from internal audits, fuzzing and other initiatives



Google Chrome
Prudhvikumar Bommana

...
http://feedproxy.google.com/~r/GoogleChromeReleases/~3/DtjrdkDuxMc/stable-channel-update-for-desktop.html

Externe Quelle mit kompletten Inhalt anzeigen


Zur Startseite von Team IT Security

➤ Weitere Beiträge von Team Security | IT Sicherheit

An Introduction to System.Threading.Channels

vom 317.46 Punkte ic_school_black_18dp
“Producer/consumer” problems are everywhere, in all facets of our lives. A line cook at a fast food restaurant, slicing tomatoes that are handed off to another cook to assemble a burger, which is handed off to a register worker to fulfill your or

TWC9: VS Code Updates, Microsoft and Oracle, GitHub Desktop 2.0, Xbox Body Wash and more | This Week On Channel 9

vom 147.11 Punkte ic_school_black_18dp
This Week on Channel 9, Christina is back from international travel and a few days off (WE WERE NOT CANCELED), is sporting her Rocket t-shirt and is ready got get into the week's latest dev news, including: [00:35] Insider Dev Tour [01:17] Micros

.NET Framework May 2019 Security and Quality Rollup

vom 109.2 Punkte ic_school_black_18dp
Today, we are releasing the May 2019 Cumulative Update, Security and Quality Rollup, and Security Only Update. Security CVE-2019-0820 – Denial of Service Vulnerability A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings. An attacker who successfully explo

.NET Framework July 2019 Security and Quality Rollup

vom 102.93 Punkte ic_school_black_18dp
Today, we are releasing the July 2019 Cumulative Update, Security and Quality Rollup, and Security Only Update for .NET Framework. Security CVE-2019-1006 – WCF/WIF SAML Token Authentication Bypass Vulnerability An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation

CVE-2019-0708: A Comprehensive Analysis of a Remote Desktop Services Vulnerability

vom 102.63 Punkte ic_school_black_18dp
In the May 2019 patch cycle, Microsoft released a patch for a remote code execution bug in their Remote Desktop Services (RDS). A remote, unauthenticated attacker can exploit this vulnerability by sending crafted RDP messages to the target server. Success

[Stable-Staging Update] 2020-02-26 - Kernels, Mesa, LibreOffice, Pamac 9.4-rc, Blender 2.82, NetworkManager

vom 102.61 Punkte ic_school_black_18dp
@philm wrote: Hello community, here is our first Stable-Staging Update! With this new branch we want to push packages faster to our stable branch. Sometimes big package sets hold us back to update stable branch at all. So we

[Stable-Staging Update] 2020-03-01 - Kernels, KDE-git, Asian-Input-Support, Firefox-Dev, LibreOffice, Wine

vom 100.1 Punkte ic_school_black_18dp
@philm wrote: Hello community, here is our second Stable-Staging Update: We updated both FreeOffice and SoftMaker Office to v2018.974 releases on all branches! Some feature-updates: Kernels got updated LibreOffice is now at 6.4.1 Firefox-Dev has a ne

TWC9: COVID-19 Updates, PowerShell 7, WSL Conf, Rose Gold Xbox Series X and more | This Week On Channel 9

vom 99.61 Punkte ic_school_black_18dp
This Week on Channel 9, Christina is giving a last update before the studio goes on hiatus bringing you the latest developer news, including: [00:26] COVID-19 and Microsoft Teams Offer [01:30] Best Pracatices for Working Remotely [01:57] GitHub Satellite Now Online Only[02:08] WSL Conf Now Online Only [02:34] Docker Deskt

.NET Framework May 2020 Security and Quality Rollup Updates

vom 99.16 Punkte ic_school_black_18dp
Today, we are releasing the May 2020 Security and Quality Rollup Updates for .NET Framework. Security CVE-2020-0605 – .NET Framework Remote Code Execution Vulnerability A remote code execution vulnerability exists in .NET software when the software

.NET Framework September 2019 Security and Quality Rollup

vom 94.14 Punkte ic_school_black_18dp
Today, we are releasing the September 2019 Cumulative Update, Security and Quality Rollup, and Security Only Update for .NET Framework. Security CVE-2019-1142– .NET Framework Elevation of Privilege Vulnerability An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in ar

Google Chrome 49.0 SRI Validation erweiterte Rechte

vom 93.7 Punkte ic_school_black_18dp
Allgemein scipID: 81162 Betroffen: Google Chrome 49.0 Veröffentlicht: 02.03.2016 Risiko: problematisch Erstellt: 04.03.2016 Eintrag: 72.3% komplett Beschreibung Es wurde eine problematische Schwachstelle in Google Chrome 49.0 entdeckt. Es g

Google Chrome 49.0 unbekannte Schwachstelle [CVE-2016-1642]

vom 93.7 Punkte ic_school_black_18dp
Allgemein scipID: 81168 Betroffen: Google Chrome 49.0 Veröffentlicht: 02.03.2016 Risiko: problematisch Erstellt: 04.03.2016 Eintrag: 71.8% komplett Beschreibung Es wurde eine problematische Schwachstelle in Google Chrome 49.0 ausgemacht. Da

Team Security Diskussion über Stable Channel Update for Desktop