Vulnerability Management

Chrome 65 update ready, contains 45 security fixes

The Google Chrome team reported it moved Chrome 65 to the stable channel for Windows, Mac and Linux with the latest update containing 45 security fixes, with at least nine rated as “high”.

Chrome 65.0.3325.146, containing the patches, will be rolled out in the next few weeks, Google said and while it gave a high-level description of the issue being fixed details will not be made available until the majority of users have updated their version of Chrome. The Chrome team also did not list all the issues fixed, just those discovered by outside sources.

Of those mentioned by Google the “high” rated issues are:

·       CVE-2017-11215: Use after free in Flash.

·       CVE-2017-11225: Use after free in Flash.

·       CVE-2018-6060: Use after free in Blink.

·       CVE-2018-6061: Race condition in V8.

·       CVE-2018-6062: Heap buffer overflow in Skia.

·       CVE-2018-6057: Incorrect permissions on shared memory.

·       CVE-2018-6063: Incorrect permissions on shared memory

·       CVE-2018-6064: Type confusion in V8.

·       CVE-2018-6065: Integer overflow in V8.

Fifteen of the remaining patches fix issues disclosed were rated “medium” and three “low”.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.