PDA

View Full Version : Google Chrome updates



AplusWebMaster
2012-03-22, 13:17
FYI...

Chrome v17.0.963.83 released
- https://secunia.com/advisories/48512/
Release Date: 2012-03-22
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2011-3045, CVE-2011-3050, CVE-2011-3051, CVE-2011-3052, CVE-2011-3053, CVE-2011-3054, CVE-2011-3055, CVE-2011-3056, CVE-2011-3057
Solution: Update to version 17.0.963.83.
Original Advisory:
http://googlechromereleases.blogspot.com/2012/03/stable-channel-update_21.html

Related: https://secunia.com/advisories/48485/
"... update for libpng..."

- http://www.securitytracker.com/id/1026841
Mar 23 2012

:fear::fear:

AplusWebMaster
2012-03-29, 12:07
FYI...

Chrome v18.0.1025.142 released
- https://secunia.com/advisories/48618/
Release Date: 2012-03-29
Criticality level: Highly critical
Impact: Unknown, Cross Site Scripting, Spoofing, System access
Where: From remote...
CVE Reference(s): CVE-2011-3057, CVE-2011-3058, CVE-2011-3059, CVE-2011-3060, CVE-2011-3061, CVE-2011-3062, CVE-2011-3063, CVE-2011-3064, CVE-2011-3065, CVE-2012-0772, CVE-2012-0773
Solution: Upgrade to version 18.0.1025.142.
Original Advisory:
http://googlechromereleases.blogspot.com/2012/03/stable-channel-release-and-beta-channel.html
"... This version also contains the new Adobe Flash..."

:fear::fear:

AplusWebMaster
2012-04-06, 14:51
FYI...

Chrome v18.0.1025.151 released
- https://secunia.com/advisories/48732/
Release Date: 2012-04-06
Criticality level: Highly critical
Impact: Unknown, Security Bypass, System access
Where: From remote...
Solution: Update to version 18.0.1025.151.
Original Advisory:
http://googlechromereleases.blogspot.com/2012/04/stable-and-beta-channel-updates.html

- http://www.securitytracker.com/id/1026892
Date: Apr 5 2012
CVE Reference: CVE-2011-3066, CVE-2011-3067, CVE-2011-3068, CVE-2011-3069, CVE-2011-3070, CVE-2011-3071, CVE-2011-3072, CVE-2011-3073, CVE-2011-3074, CVE-2011-3075, CVE-2011-3076, CVE-2011-3077
Impact: Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 18.0.1025.151...

:fear:

AplusWebMaster
2012-04-11, 01:09
FYI...

Chrome v18.0.1025.152 released
- http://googlechromereleases.blogspot.com/search/label/Stable%20updates
April 9, 2012 - "The Chrome Stable channel has been updated to 18.0.1025.152 on Windows. This release fixes issues with SSL (Issue: 118706). Please note this might reintroduce Issue: 117371 and we are actively working on a fix for it..."

:fear::fear:

AplusWebMaster
2012-04-13, 15:04
FYI...

Chrome v18.0.1025.162 released
- http://googlechromereleases.blogspot.com/search/label/Stable%20updates
April 12, 2012 - "The Chrome Stable channel has been updated to 18.0.1025.162 on on Windows, Mac, Linux and Chrome Frame. This release fixes issues including:
Windows:
• Facebook page hangs after a while (Issue: 121141)
• black screen on Hybrid Graphics system with GPU accelerated compositing enabled (Issue: 117371)
Mac:
• HTML5 audio doesn't work on some Mac computers (Issue: 109441)..."

:fear::fear:

AplusWebMaster
2012-05-01, 16:10
FYI...

Chrome v18.0.1025.168 released
- https://secunia.com/advisories/48992/
Release Date: 2012-05-01
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s):
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3078 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3079 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3080 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3081 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1521 - 10.0 (HIGH)
... vulnerabilities are reported in versions prior to 18.0.1025.168.
Solution: Update to version 18.0.1025.168...

> http://googlechromereleases.blogspot.com/search/label/Stable%20updates
April 30, 2012

:fear::spider:

AplusWebMaster
2012-05-16, 17:13
FYI...

Chrome v19.0.1084.46 released
- https://secunia.com/advisories/49194/
Release Date: 2012-05-16
Criticality level: Highly critical
... vulnerabilities are reported in versions prior to 19.0.1084.46.
Solution: Upgrade to version 19.0.1084.46.
Original Advisory:
http://googlechromereleases.blogspot.com/2012/05/stable-channel-update.html

- http://www.securitytracker.com/id/1027067
CVE Reference:
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3083 - 5.0
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3084 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3085 - 5.0
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3086 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3087 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3088 - 5.0
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3089 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3090 - 7.6 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3091 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3092 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3093 - 5.0
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3094 - 5.0
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3095 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3096 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3097 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3098 - 7.2 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3099 - 7.5 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3100 - 5.0
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3101 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3102 - 7.5 (HIGH)
May 16 2012
Impact: Execution of arbitrary code via network, User access via network
A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Version(s): prior to 19 ...

:fear::fear:

AplusWebMaster
2012-05-24, 16:45
FYI...

Chrome v19.0.1084.52 released
- https://secunia.com/advisories/49277/
Release Date: 2012-05-24
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2011-3103, CVE-2011-3104, CVE-2011-3105, CVE-2011-3106, CVE-2011-3107, CVE-2011-3108, CVE-2011-3109, CVE-2011-3110, CVE-2011-3111, CVE-2011-3112, CVE-2011-3113, CVE-2011-3114, CVE-2011-3115
... vulnerabilities are reported in versions prior to 19.0.1084.52.
Solution: Update to version 19.0.1084.52.
Original Advisory:
http://googlechromereleases.blogspot.com/2012/05/stable-channel-update_23.html

- http://www.securitytracker.com/id/1027098
May 24 2012
Impact: Execution of arbitrary code via network, User access via network
Version(s): prior to 19.0.1084.52 ...

:fear::fear:

AplusWebMaster
2012-06-11, 15:18
FYI...

Chrome v19.0.1084.56 released
- https://secunia.com/advisories/49503/
Release Date: 2012-06-11
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote
... more information: https://secunia.com/SA49388/
Solution: Update to version 19.0.1084.56.
Original Advisory:
http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_08.html

:fear:

AplusWebMaster
2012-06-27, 13:38
FYI...

Chrome v20.0.1132.43 released
- https://secunia.com/advisories/49724/
Release Date: 2012-06-27
Criticality level: Highly critical
Impact: Unknown, Security Bypass, Exposure of sensitive information, System access
Where: From remote ...
CVE Reference(s): CVE-2012-2764, CVE-2012-2815, CVE-2012-2816, CVE-2012-2817, CVE-2012-2818, CVE-2012-2819, CVE-2012-2820, CVE-2012-2821, CVE-2012-2822, CVE-2012-2823, CVE-2012-2824, CVE-2012-2826, CVE-2012-2827, CVE-2012-2828, CVE-2012-2829, CVE-2012-2830, CVE-2012-2831, CVE-2012-2832, CVE-2012-2833, CVE-2012-2834
Solution: Upgrade to version 20.0.1132.43.
Original Advisory:
- http://googlechromereleases.blogspot.com/2012/06/stable-channel-update_26.html

:fear::fear:

AplusWebMaster
2012-07-11, 20:14
FYI...

Chrome v20.0.1132.57 released
- http://googlechromereleases.blogspot.com/search/label/Stable%20updates
July 11, 2012 - "The Stable channel has been updated to 20.0.1132.57 for Windows, Mac, Linux, and Chrome Frame. Along with below mentioned security fixes, this build contains an update to Flash player, v8 (3.10.8.20) and couple of stability/bug fixes...
High CVE-2012-2842: Use-after-free in counter handling...
High CVE-2012-2843: Use-after-free in layout height tracking...
High CVE-2012-2844: Bad object access with JavaScript in PDF..."

- https://secunia.com/advisories/49906/
Release Date: 2012-07-12
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution: Update to version 20.0.1132.57.
Original Advisory: Google:
http://googlechromereleases.blogspot.com/2012/07/stable-channel-update.html

:fear::fear:

AplusWebMaster
2012-08-01, 16:28
FYI...

Chrome v21.0.1180.60 released
- https://secunia.com/advisories/50105/
Release Date: 2012-08-01
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote...
CVE Reference(s): CVE-2012-2846, CVE-2012-2847, CVE-2012-2848, CVE-2012-2849, CVE-2012-2850, CVE-2012-2851, CVE-2012-2852, CVE-2012-2853, CVE-2012-2854, CVE-2012-2855, CVE-2012-2856, CVE-2012-2857, CVE-2012-2858, CVE-2012-2859, CVE-2012-2860
Original Advisory:
http://googlechromereleases.blogspot.com/2012/07/stable-channel-release.html
"... release of Chrome 21 to the Stable Channel. 21.0.1180.57 for Mac and Linux. 21.0.1180.60 for Windows and Chrome Frame..."

- http://h-online.com/-1657169
1 August 2012

:fear::spider:

AplusWebMaster
2012-08-09, 16:12
FYI...

Chrome v21.0.1180.75 released
- https://secunia.com/advisories/50222/
Release Date: 2012-08-09
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2012-2862, CVE-2012-2863
... vulnerabilities are reported in versions prior to 21.0.1180.75.
Solution: Update to version 21.0.1180.75.
Original Advisory:
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update.html
Security fixes...
• [136643] [137721] [137957] High CVE-2012-2862: Use-after-free in PDF viewer...
• [136968] [137361] High CVE-2012-2863: Out-of-bounds writes in PDF viewer...

:fear::fear:

AplusWebMaster
2012-08-15, 15:16
FYI...

Chrome v21.0.1180.79 released
- https://secunia.com/advisories/50286/
Release Date: 2012-08-14
Criticality level: Highly critical
Impact: System access
Where: From remote...
CVE Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1535
... vulnerability is caused due to the application bundling a vulnerable version of Adobe Flash Player.
For more information: https://secunia.com/SA50285/
Solution: Update to version 21.0.1180.79 for Mac, Linux, Windows, and Chrome Frame.
Original Advisory: Google:
http://googlechromereleases.blogspot.dk/2012/08/stable-channel-update_14.html
August 14, 2012 - "The Stable channel has been updated to 21.0.1180.79 for Mac, Linux, Windows and Chrome Frame. This build fixes a security issue with Adobe Flash..."

>> http://forums.spybot.info/showpost.php?p=429696&postcount=80

:fear:

AplusWebMaster
2012-08-22, 15:31
FYI...

Chrome v21.0.1180.83 released
- https://secunia.com/advisories/50356/
Release Date: 2012-08-22
Criticality level: Highly critical
Impact: Exposure of sensitive information, System access
Where: From remote
... vulnerabilities are caused due to the application bundling a vulnerable version of Adobe Flash Player.
For more information: https://secunia.com/SA50354/
Solution: Update to a fixed version...
Original Advisory:
http://googlechromereleases.blogspot.dk/2012/08/stable-channel-update_21.html
August 21, 2012 - "The Stable channel has been updated to 21.0.1180.81 for Linux, 21.0.1180.83 for Windows and Chrome Frame and both Beta and Stable channels have been updated to 21.0.1180.82 for Mac...
These builds also have a new version of Flash with security and other fixes..."

:fear:

AplusWebMaster
2012-08-31, 14:42
FYI...

Chrome v21.0.1180.89 released
- https://secunia.com/advisories/50447/
Release Date: 2012-08-31
Criticality level: Highly critical
Impact: Unknown, Cross Site Scripting, System access
Where: From remote...
CVE Reference(s): CVE-2012-2865, CVE-2012-2866, CVE-2012-2867, CVE-2012-2868, CVE-2012-2869, CVE-2012-2870, CVE-2012-2871, CVE-2012-2872
... vulnerabilities are reported in versions prior to 21.0.1180.89.
Solution: Update to version 21.0.1180.89.
Original Advisory:
http://googlechromereleases.blogspot.com/2012/08/stable-channel-update_30.html
___

- http://h-online.com/-1696236
31 August 2012

:fear:

AplusWebMaster
2012-09-26, 14:04
FYI...

Chrome v22.0.1229.79 released
- https://secunia.com/advisories/50759/
Release Date: 2012-09-26
Criticality level: Highly critical
Impact: Unknown, Security Bypass, Cross Site Scripting, System access
Where: From remote ...
CVE Reference(s): CVE-2012-2874, CVE-2012-2875, CVE-2012-2876, CVE-2012-2877, CVE-2012-2878, CVE-2012-2879, CVE-2012-2880, CVE-2012-2881, CVE-2012-2882, CVE-2012-2883, CVE-2012-2884, CVE-2012-2885, CVE-2012-2886, CVE-2012-2887, CVE-2012-2888, CVE-2012-2889, CVE-2012-2890, CVE-2012-2891, CVE-2012-2892, CVE-2012-2893, CVE-2012-2894, CVE-2012-2895, CVE-2012-2896
Solution: Upgrade to version 22.0.1229.79.
Original Advisory: Google:
http://googlechromereleases.blogspot.dk/2012/09/stable-channel-update_25.html
___

Security fixes dominate Chrome 22
- http://h-online.com/-1717660
26 Sep 2012 - "... closes more than 40 security holes, of which one is considered to be critical and 19 are rated as 'high severity'..."

:fear:

AplusWebMaster
2012-10-09, 14:50
FYI...

Chrome v22.0.1229.92 released
- https://secunia.com/advisories/50872/
Release Date: 2012-10-09
Criticality level: Highly critical
Impact: System access
Where: From remote
Solution: Update to version 22.0.1229.92.
Original Advisory: http://googlechromereleases.blogspot.dk/2012/10/stable-channel-update.html
October 8, 2012 - "... This update contains a number of stability fixes, including an issue with multiple profiles on Mac OS X 10.8.2... These builds also have a new version of Flash with security and other fixes. More information can be found here*..."
* http://helpx.adobe.com/flash-player/release-note/fp_114_air_34_release_notes.html#fixed_issues

- http://www.securitytracker.com/id/1027617
CVE Reference: CVE-2012-2900, CVE-2012-5108, CVE-2012-5109, CVE-2012-5110, CVE-2012-5111
Oct 8 2012
Version(s): prior to 22.0.1229.92
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system...
Solution: The vendor has issued a fix (22.0.1229.92).

:fear:

AplusWebMaster
2012-10-11, 15:07
FYI...

Chrome v22.0.1229.94 released
- https://secunia.com/advisories/50954/
Release Date: 2012-10-11
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote
CVE Reference: CVE-2012-5112
Solution: Update to version 22.0.1229.94.
Original Advisory: Google:
- http://googlechromereleases.blogspot.com/search/label/Stable%20updates
Oct 10, 2012

- http://www.securitytracker.com/id/1027644
CVE Reference: CVE-2012-5112
Oct 11 2012
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (22.0.1229.94).

- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5112 - 10.0 (HIGH)
- http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-5376 - 10.0 (HIGH)

:fear:

AplusWebMaster
2012-11-06, 22:36
FYI...

Chrome v23.0.1271.64 released
- http://googlechromereleases.blogspot.com/search/label/Stable%20updates
Nov 6, 2012 - "... 23.0.1271.64 for Windows, Mac, Linux, and Chrome Frame. Chrome 23 contains a number of new features including GPU accelerated video decoding on Windows and easier website permissions... referenced bugs may be kept private until a majority of our users are up to date with the fix... This version also has a new Adobe Flash..."
___

- https://secunia.com/advisories/51210/
Release Date: 2012-11-07
Criticality level: Highly critical
Impact: Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2012-5115, CVE-2012-5116, CVE-2012-5117, CVE-2012-5118, CVE-2012-5119, CVE-2012-5120, CVE-2012-5121, CVE-2012-5122, CVE-2012-5123, CVE-2012-5124, CVE-2012-5125, CVE-2012-5126, CVE-2012-5127, CVE-2012-5128, CVE-2012-5274, CVE-2012-5275, CVE-2012-5276, CVE-2012-5277, CVE-2012-5278, CVE-2012-5279, CVE-2012-5280
Solution: Upgrade to version 23.0.1271.64.
Original Advisory: Google:
http://googlechromereleases.blogspot.dk/2012/11/stable-channel-release-and-beta-channel.html

:fear::fear:

AplusWebMaster
2012-11-27, 16:10
FYI...

Chrome v23.0.1271.91 released
- https://secunia.com/advisories/51437/
Release Date: 2012-11-27
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2012-5130, CVE-2012-5131, CVE-2012-5132, CVE-2012-5133, CVE-2012-5134,
CVE-2012-5135, CVE-2012-5136
... more information see vulnerability #2: https://secunia.com/SA48000/
... vulnerabilities are reported in versions prior to 23.0.1271.91.
Solution: Update to version 23.0.1271.91.
Original Advisory: http://googlechromereleases.blogspot.dk/2012/11/stable-channel-update.html

- http://www.securitytracker.com/id/1027815
CVE Reference: CVE-2012-5130, CVE-2012-5131, CVE-2012-5132, CVE-2012-5133, CVE-2012-5134, CVE-2012-5135, CVE-2012-5136
Nov 27 2012
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 23.0.1271.91 ...

:fear:

AplusWebMaster
2012-11-30, 15:36
FYI...

Chrome v23.0.1271.95 released
- https://secunia.com/advisories/51447/
Release Date: 2012-11-30
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2012-5137, CVE-2012-5138
... vulnerabilities are reported in versions prior to 23.0.1271.95.
Solution: Update to version 23.0.1271.95.
Original Advisory:
http://googlechromereleases.blogspot.dk/2012/11/stable-channel-update_29.html

:fear:

AplusWebMaster
2012-12-12, 13:14
FYI...

Chrome v23.0.1271.97 released
- https://secunia.com/advisories/51549/
Release Date: 2012-12-12
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2012-5139, CVE-2012-5140, CVE-2012-5141, CVE-2012-5142, CVE-2012-5143, CVE-2012-5144, CVE-2012-5676, CVE-2012-5677, CVE-2012-5678
For more information: https://secunia.com/SA51560/
... vulnerabilities are reported in versions prior to 23.0.1271.97.
Solution: Update to version 23.0.1271.97.
Original Advisory: Google:
http://googlechromereleases.blogspot.dk/2012/12/stable-channel-update.html
___

- http://h-online.com/-1774354
24 Dec 2012

:fear:

AplusWebMaster
2013-01-11, 09:08
FYI...

Chrome v24.0.1312.52 released
- https://secunia.com/advisories/51825/
Release Date: 2013-01-11
Criticality level: Highly critical
Impact: Unknown, Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2012-5145, CVE-2012-5146, CVE-2012-5147, CVE-2012-5148, CVE-2012-5149, CVE-2012-5150, CVE-2012-5151, CVE-2012-5152, CVE-2012-5153, CVE-2012-5154, CVE-2012-5155, CVE-2012-5156, CVE-2012-5157, CVE-2013-0630, CVE-2013-0828, CVE-2013-0829, CVE-2013-0830, CVE-2013-0831, CVE-2013-0832, CVE-2013-0833, CVE-2013-0834, CVE-2013-0835, CVE-2013-0836, CVE-2013-0837, CVE-2013-0838
... vulnerabilities are reported in versions prior to 24.0.1312.52.
Solution: Upgrade to version 24.0.1312.52.
Original Advisory:
- http://googlechromereleases.blogspot.com/2013/01/stable-channel-update.html
Jan 10, 2013 - "... Chrome 24.0.1312.52 has been updated for Windows, Mac, Linux, and Chrome Frame... This release also contains an update to Flash (11.5.31.137) as well as improvements in speed and stability..."

- http://h-online.com/-1781648
11 Jan 2013

:fear::fear:

AplusWebMaster
2013-01-23, 15:45
FYI...

Chrome v24.0.1312.56 released
- https://secunia.com/advisories/51935/
Release Date: 2013-01-23
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2013-0839, CVE-2013-0840, CVE-2013-0841, CVE-2013-0842, CVE-2013-0843
... vulnerabilities are reported in versions prior to 24.0.1312.56.
Solution: Update to version 24.0.1312.56.
Original Advisory:
http://googlechromereleases.blogspot.com/2013/01/stable-channel-update_22.html
___

- http://www.theregister.co.uk/2013/01/22/pwn2own_web_plugin_prize/
22 Jan 2013

- http://h-online.com/-1791381
25 Jan 2013

:fear::fear:

AplusWebMaster
2013-02-12, 22:52
FYI...

Chrome v24.0.1312.70 released
- https://secunia.com/advisories/52163/
Release Date: 2013-02-12
Criticality level: Highly critical
Impact: Exposure of sensitive information, System access
Where: From remote...
For more information: https://secunia.com/SA52166/
Solution: Update to version 24.0.1312.70.
Original Advisory:
- http://googlechromereleases.blogspot.com/2013/02/stable-channel-update_12.html

:fear:

AplusWebMaster
2013-02-22, 12:32
FYI...

Chrome v25.0.1364.97 released
- https://secunia.com/advisories/52320/
Release Date: 2013-02-22
Criticality level: Highly critical
Impact: Unknown, Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2013-0879, CVE-2013-0880, CVE-2013-0881, CVE-2013-0882, CVE-2013-0883, CVE-2013-0884, CVE-2013-0885, CVE-2013-0886, CVE-2013-0887, CVE-2013-0888, CVE-2013-0889, CVE-2013-0890, CVE-2013-0891, CVE-2013-0892, CVE-2013-0893, CVE-2013-0894, CVE-2013-0895, CVE-2013-0896, CVE-2013-0897, CVE-2013-0898, CVE-2013-0899, CVE-2013-0900
... vulnerabilities are reported in versions prior to 25.0.1364.97 for Windows and Linux and prior to 25.0.1364.99 for Mac.
Solution: Upgrade to version 25.0.1364.97 for Windows and Linux and 25.0.1364.99 for Mac.
Original Advisory:
- http://googlechromereleases.blogspot.com.au/2013/02/stable-channel-update_21.html
Feb 21, 2013 - "... Chrome 25.0.1364.97 for Windows and Linux, and 25.0.1364.99 for Mac contain a number of new items including:
- Improvements in managing and securing your extensions
- Better support for HTML5 time/date inputs
- JavaScript Web Speech API support
- Better WebGL error handling
- And lots of other features for developers
Security fixes... We’ve also resolved a high severity security issue by disabling MathML in this release. The WebKit MathML implementation isn’t quite ready for prime time yet but we are excited to enable it again in a future release once the security issues have been addressed. Many... bugs were detected using AddressSanitizer..."

:fear:

AplusWebMaster
2013-03-05, 00:59
FYI...

Chrome v25.0.1364.152 released
- http://googlechromereleases.blogspot.com/2013/03/stable-channel-update_4.html
March 4, 2013 - "The Stable channel has been updated to 25.0.1364.152 for Windows and Linux. Note: these release notes also apply to the same version for Mac that was released last Friday. This release contains security and stability improvements along with a number of bug fixes... the referenced bugs may be kept private until a majority of our users are up to date with the fix..."

- https://secunia.com/advisories/52454/
Release Date: 2013-03-05
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote ...
CVE Reference(s): CVE-2013-0902, CVE-2013-0903, CVE-2013-0904, CVE-2013-0905, CVE-2013-0906, CVE-2013-0907, CVE-2013-0908, CVE-2013-0909, CVE-2013-0910, CVE-2013-0911
... vulnerabilities are reported in versions prior to 25.0.1364.152.
Solution: Update to version 25.0.1364.152.

:fear::fear:

AplusWebMaster
2013-03-08, 15:00
FYI...

Chrome v25.0.1364.160 released
- https://secunia.com/advisories/52534/
Release Date: 2013-03-08
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference: CVE-2013-0912
... vulnerability is reported in versions prior to 25.0.1364.160.
Solution: Update to version 25.0.1364.160.
Original Advisory: Chrome:
http://googlechromereleases.blogspot.dk/2013/03/stable-channel-update_7.html
MWR InfoSecurity:
http://labs.mwrinfosecurity.com/blog/2013/03/06/pwn2own-at-cansecwest-2013/

:fear:

AplusWebMaster
2013-03-13, 14:06
FYI...

Chrome v25.0.1364.172 released
- https://secunia.com/advisories/52591/
Release Date: 2013-03-12
Criticality level: Highly critical
Impact: System access
Where: From remote
CVE Reference(s): CVE-2013-0646, CVE-2013-0650, CVE-2013-1371, CVE-2013-1375
For more information: https://secunia.com/SA52590/
... vulnerabilities are reported in versions prior to 25.0.1364.172.
Solution: Update to version 25.0.1364.172.
Original Advisory:
http://googlechromereleases.blogspot.dk/2013/03/stable-channel-update_12.html

AplusWebMaster
2013-03-20, 17:25
FYI...

Chrome v25.0.1364.173 released
- http://www.securitytracker.com/id/1028320
CVE Reference:
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0913 - 7.2 (HIGH)
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0915 - 10.0 (HIGH)
Mar 19 2013
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 25.0.1364.173...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (25.0.1364.173)...
- http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html
... Release highlights:
- Updated Flash to 11.6.602.180, which resolves a bug where some DRM video content would be unable to play (e.g.: Amazon Prime Video).
- Fixed an issue with Chromebook Pixel and Acer C7 systems freezing while playing videos.
- Fixed an issue with Acer C7 systems freezing after resume...

:fear:

AplusWebMaster
2013-03-27, 13:43
FYI...

Chrome v26.0.1410.43 released
- https://secunia.com/advisories/52761/
Release Date: 2013-03-27
Criticality level: Highly critical
Impact: Unknown, Security Bypass, System access
Where: From remote
CVE Reference(s): CVE-2013-0916, CVE-2013-0917, CVE-2013-0918, CVE-2013-0919, CVE-2013-0920, CVE-2013-0921, CVE-2013-0922, CVE-2013-0923, CVE-2013-0924, CVE-2013-0925, CVE-2013-0926
... vulnerabilities are reported in versions prior to 26.0.1410.43.
Solution: Upgrade to version 26.0.1410.43.
Original Advisory:
- http://googlechromereleases.blogspot.dk/2013/03/stable-channel-update_26.html

- http://h-online.com/-1831304
27 March 2013

:fear::fear:

AplusWebMaster
2013-04-10, 13:00
FYI...

Chrome v26.0.1410.64 released
- https://secunia.com/advisories/52983/
Release Date: 2013-04-10
Criticality level: Highly critical
Impact: System access
Where: From remote ...
For more information: https://secunia.com/SA52931/
Solution: Update to version 26.0.1410.63 for Mac and Linux or 26.0.1410.64 for Windows.
Original Advisory:
http://googlechromereleases.blogspot.dk/2013/04/stable-channel-update.html
"... This release contains stability improvements, and a new version of Adobe Flash..."
___

Flash Player Update
- http://googlechromereleases.blogspot.dk/2013/05/flash-player-update.html
May 14, 2013 - "We are currently updating Flash Player to 11.7.700.202 for Windows and Mac to all Stable channel (Chrome 26) users."

:fear:

AplusWebMaster
2013-05-21, 21:25
FYI...

Chrome v27.0.1453.93 released
- http://googlechromereleases.blogspot.ca/2013/05/stable-channel-release.html
May 21, 2013 - "Chrome 27.0.1453.93 for Windows, Mac, Linux, and Chrome Frame contains a number of new items... ongoing internal security work was as usual responsible for a wide range of fixes..."

- https://secunia.com/advisories/53430/
Release Date: 2013-05-22
Criticality level: Highly critical
Impact: Unknown, Cross Site Scripting, Exposure of sensitive information, System access
Where: From remote ...
CVE Reference(s): CVE-2013-2728, CVE-2013-2836, CVE-2013-2837, CVE-2013-2839, CVE-2013-2840, CVE-2013-2841, CVE-2013-2842, CVE-2013-2843, CVE-2013-2844, CVE-2013-2845, CVE-2013-2846, CVE-2013-2847, CVE-2013-2848, CVE-2013-2849, CVE-2013-3324, CVE-2013-3325, CVE-2013-3326, CVE-2013-3327, CVE-2013-3328, CVE-2013-3329, CVE-2013-3330, CVE-2013-3331, CVE-2013-3332, CVE-2013-3333, CVE-2013-3334, CVE-2013-3335
... For more information: https://secunia.com/SA53419/
Solution: Update to version 27.0.1453.93.

- http://h-online.com/-1867731
22 May 2013

:fear::fear:

AplusWebMaster
2013-06-05, 13:18
FYI...

Chrome v27.0.1453.110 released
- https://secunia.com/advisories/53681/
Release Date: 2013-06-05
Criticality level: Highly critical
Impact: Unknown, System access
Where: From remote
CVE Reference(s): CVE-2013-2854, CVE-2013-2855, CVE-2013-2856, CVE-2013-2857, CVE-2013-2858, CVE-2013-2859, CVE-2013-2860, CVE-2013-2861, CVE-2013-2862, CVE-2013-2863, CVE-2013-2864, CVE-2013-2865
... vulnerabilities are reported in versions prior to 27.0.1453.110.
Solution: Update to version 27.0.1453.110.
Original Advisory:
- http://googlechromereleases.blogspot.com/search/label/Stable%20updates
June 4, 2013 - "... updated to 27.0.1453.110 for Windows, Macintosh, Linux and Chrome Frame platforms..."

- http://h-online.com/-1882885
5 June 2013

:fear::fear:

AplusWebMaster
2013-06-12, 16:37
FYI...

Chrome/Flash update to 11.7.700.225
- http://googlechromereleases.blogspot.com/2013/06/flash-player-update-for-stable-channel.html
June 11, 2013 - "Flash Player Update for Stable Channel / We are currently updating Flash Player to 11.7.700.225* for Windows and Mac to all Stable channel (Chrome 27) users."

* https://www.adobe.com/support/security/bulletins/apsb13-16.html

:fear:

AplusWebMaster
2013-06-19, 15:44
FYI...

Chrome v27.0.1453.116 released
- https://secunia.com/advisories/53867/
Release Date: 2013-06-19
Impact: Cross Site Scripting
Where: From remote ...
CVE Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2866
... vulnerability is caused due to an error when handling opacity of embedded Flash elements and can be exploited to e.g. gain access to the system's camera and microphone by tricking the user into clicking Flash settings frame disguised as a normal graphical element. The vulnerability is reported in versions prior to 27.0.1453.116.
Solution: Update to version 27.0.1453.116.
Original Advisory: http://googlechromereleases.blogspot.com/2013/06/stable-channel-update_18.html

:fear:

AplusWebMaster
2013-07-10, 16:27
FYI...

Chrome v28.0.1500.71 released
- https://secunia.com/advisories/54017/
Release Date: 2013-07-09
Criticality: Highly Critical
CVE Reference(s): CVE-2013-2853, CVE-2013-2868, CVE-2013-2869, CVE-2013-2870, CVE-2013-2871, CVE-2013-2873, CVE-2013-2874, CVE-2013-2875, CVE-2013-2876, CVE-2013-2878, CVE-2013-2879, CVE-2013-2880
... vulnerabilities are reported in versions prior to 28.0.1500.71.
Solution: Upgrade to version 28.0.1500.71.
Original Advisory:
http://googlechromereleases.blogspot.dk/2013/07/stable-channel-update.html
"... We are separately updating users to Flash Player 11.8.800.97 via our component updater. The Stable channel has been updated to 28.0.1500.71 for Windows, Macintosh and Chrome Frame platforms..."
___

- http://h-online.com/-1915269
10 July 2013

:fear::fear:

AplusWebMaster
2013-07-31, 13:39
FYI...

Chrome 28.0.1500.95 released
- https://secunia.com/advisories/54325/
Release Date: 2013-07-31
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, System access
CVE Reference(s): CVE-2013-2881, CVE-2013-2882, CVE-2013-2883, CVE-2013-2884, CVE-2013-2885,
CVE-2013-2886
... vulnerabilities are reported in versions prior to 28.0.1500.95.
Solution: Update to version 28.0.1500.95.
Original Advisory:
http://googlechromereleases.blogspot.dk/2013/07/stable-channel-update_30.html

:fear::fear:

AplusWebMaster
2013-08-21, 16:11
FYI...

Chrome v29.0.1547.57 released
- https://secunia.com/advisories/54479/
Release Date: 2013-08-21
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Exposure of sensitive information, System access
CVE Reference(s): CVE-2013-2887, CVE-2013-2900, CVE-2013-2901, CVE-2013-2902, CVE-2013-2903, CVE-2013-2904, CVE-2013-2905
... vulnerabilities are reported in versions prior to 29.0.1547.57.
Solution: Upgrade to version 29.0.1547.57.
Original Advisory:
http://googlechromereleases.blogspot.com/2013/08/stable-channel-update.html
"... This update includes 25 security fixes..."

- http://www.securitytracker.com/id/1028942
CVE Reference: CVE-2013-2887, CVE-2013-2900, CVE-2013-2901, CVE-2013-2902, CVE-2013-2903, CVE-2013-2904, CVE-2013-2905
Aug 22 2013
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 29.0.1547.57...

:fear::fear:

AplusWebMaster
2013-09-11, 16:13
FYI...

Chrome/Flash v11.8.800.170 updated
- http://googlechromereleases.blogspot.com/2013/09/flash-player-update.html
September 10, 2013 - "Flash Player Update: We are updating Flash Player to version 11.8.800.170 on Windows and Mac via our component update system (i.e. there will -not- be a Chrome update)..."

:blink:

AplusWebMaster
2013-10-01, 22:21
FYI...

Chrome 30.0.1599.66 released
- http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html
Oct 1, 2013 - "... Chrome 30 to the Stable channel for Windows, Mac, Linux and Chrome Frame. Chrome 30.0.1599.66 contains a number of fixes and improvements, including:
Easier searching by image
A number of new apps/extension APIs
Lots of under the hood changes for stability and performance ...
... This update includes -50- security fixes..."

- https://secunia.com/advisories/55087/
Release Date: 2013-10-02
Criticality: Highly Critical
Where: From remote
Impact: Spoofing, Unknown, System access...
CVE Reference(s): CVE-2013-2906, CVE-2013-2907, CVE-2013-2908, CVE-2013-2909, CVE-2013-2910, CVE-2013-2911, CVE-2013-2912, CVE-2013-2913, CVE-2013-2914, CVE-2013-2915, CVE-2013-2916, CVE-2013-2917, CVE-2013-2918, CVE-2013-2919, CVE-2013-2920, CVE-2013-2921, CVE-2013-2922, CVE-2013-2923, CVE-2013-2924
... vulnerabilities are reported in versions prior to 30.0.1599.66.
Solution: Upgrade to version 30.0.1599.66.
Original Advisory:
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update.html

:fear::fear:

AplusWebMaster
2013-10-16, 14:13
FYI...

Chrome v30.0.1599.101 released
- https://secunia.com/advisories/55269/
Release Date: 2013-10-16
Criticality: Highly Critical
Where: From remote
Impact: Unknown, System access...
CVE Reference(s): CVE-2013-2925, CVE-2013-2926, CVE-2013-2927, CVE-2013-2928
... vulnerabilities are reported in versions prior to 30.0.1599.101.
Solution: Update to version 30.0.1599.101.
Original Advisory:
http://googlechromereleases.blogspot.com/2013/10/stable-channel-update_15.html
Oct 15, 2013 - "... This update includes 5 security fixes..."

:fear::fear:

AplusWebMaster
2013-11-12, 22:55
FYI...

Chrome v31.0.1650.48 released
- http://googlechromereleases.blogspot.com/2013/11/stable-channel-update.html
Nov 12, 2013 - "Chrome has been updated to 31.0.1650.48 for Windows, Mac, Linux and Chrome Frame. Flash Player has been updated to 11.9.900.152, which is included w/ this release... This update includes 25 security fixes..."
___

- http://www.securitytracker.com/id/1029330
CVE Reference: CVE-2013-2931, CVE-2013-6621, CVE-2013-6622, CVE-2013-6623, CVE-2013-6624, CVE-2013-6625, CVE-2013-6626, CVE-2013-6627, CVE-2013-6628, CVE-2013-6629, CVE-2013-6630, CVE-2013-6631
Nov 12 2013
Impact: Execution of arbitrary code via network, Modification of system information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 31.0.1650.48 ...

:fear::fear:

AplusWebMaster
2013-11-15, 13:11
FYI...

Chrome 31.0.1650.57 released
- http://googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html
Nov 14, 2013 - "Chrome has been updated to 31.0.1650.57 for Windows, Mac, Linux and Chrome Frame..."

- https://secunia.com/advisories/55731/
Release Date: 2013-11-15
Criticality: Highly Critical
Where: From remote
Impact: System access...
CVE Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6632 - 9.3 (HIGH)
... vulnerabilities are reported in versions prior to 31.0.1650.57 running on Windows, Mac, Linux, and Chrome Frame.
Solution: Update to version 31.0.1650.57.
Original Advisory:
http://googlechromereleases.blogspot.com/2013/11/stable-channel-update_14.html

:fear:

AplusWebMaster
2013-12-05, 13:04
FYI...

Chrome 31.0.1650.63 released
- https://secunia.com/advisories/55942/
Release Date: 2013-12-05
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Hijacking, Spoofing, System access
Solution Status: Vendor Patch...
CVE Reference(s): CVE-2013-6634, CVE-2013-6635, CVE-2013-6636, CVE-2013-6637, CVE-2013-6638, CVE-2013-6639, CVE-2013-6640
... vulnerabilities are reported in versions prior to 31.0.1650.63.
Solution: Update to version 31.0.1650.63.
Original Advisory:
http://googlechromereleases.blogspot.com/2013/12/stable-channel-update.html
"... This update includes -15- security fixes..."

:fear::fear:

AplusWebMaster
2014-01-15, 02:45
FYI...

Chrome 32.0.1700.76 released
- https://secunia.com/advisories/56248/
Release Date: 2014-01-14
Criticality: Highly Critical
Where: From remote
Impact: Security Bypass, Spoofing, System access
CVE Reference(s): CVE-2013-6641, CVE-2013-6642, CVE-2013-6643, CVE-2013-6644, CVE-2013-6645, CVE-2013-6646
Solution: Upgrade to a fixed version.
Original Advisory:
- http://googlechromereleases.blogspot.com/2014/01/stable-channel-update.html
"... 32.0.1700.76 for Windows and Chrome Frame and 32.0.1700.77 for Mac and Linux. This release contains a number of fixes and improvements... Flash Player has been updated to 12.0.0.41, which is included w/ this release..."

:fear::fear:

AplusWebMaster
2014-01-28, 12:38
FYI...

Chrome 32.0.1700.102 released
- https://secunia.com/advisories/56640/
Release Date: 2014-01-28
Criticality: Highly Critical
Where: From remote
Impact: Unknown, System access...
CVE Reference(s):
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6649 - 7.5 (HIGH)
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6650 - 7.5 (HIGH)
... vulnerabilities are reported in versions prior to 32.0.1700.102.
Solution: Update to version 32.0.1700.102.
Original Advisory:
http://googlechromereleases.blogspot.com/2014/01/stable-channel-update_27.html
"... This update includes -14- security fixes..."

:fear::fear:

AplusWebMaster
2014-02-06, 22:31
FYI...

Chrome 32.0.1700.107 - Flash Player updated
- https://secunia.com/advisories/56437/
Release Date: 2014-02-06
Criticality: Highly Critical ...
Where: From remote
Impact: System access...
CVE Reference: CVE-2014-0497 ...
For more information: https://secunia.com/SA56737/
Solution: Update to version 32.0.1700.107.
Original Advisory:
- http://googlechromereleases.blogspot.com/2014/02/stable-channel-update.html
"... This build contains security updates for Flash player..."

:fear:

AplusWebMaster
2014-02-21, 17:08
FYI...

Chrome 33.0.1750.117 released
- https://secunia.com/advisories/57028/
Release Date: 2014-02-21
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Exposure of sensitive information, System access
CVE Reference(s): CVE-2013-6652, CVE-2013-6653, CVE-2013-6654, CVE-2013-6655, CVE-2013-6656, CVE-2013-6657, CVE-2013-6658, CVE-2013-6659, CVE-2013-6660, CVE-2013-6661
... vulnerabilities are reported in versions prior to 33.0.1750.117.
Solution: Upgrade to version 33.0.1750.117.
Original Advisory:
- http://googlechromereleases.blogspot.com/2014/02/stable-channel-update_20.html
"... This update includes -28- security fixes..."

- http://www.securitytracker.com/id/1029813
Feb 22 2014
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 33.0.1750.117 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (33.0.1750.117)...

:fear::fear:

AplusWebMaster
2014-02-24, 18:22
FYI...

Chrome 33.0.1750.14 for iOS
- https://secunia.com/advisories/57035/
Release Date: 2014-02-24
Criticality: Moderately Critical
Where: From remote
Impact: Unknown ...
Software: Google Chrome for iOS 32.x
Solution: Upgrade to version 33.0.1750.14
Original Advisory:
- https://itunes.apple.com/us/app/chrome/id535886823

:fear:

AplusWebMaster
2014-03-04, 15:22
FYI...

Chrome 33.0.1750.146 released
- https://secunia.com/advisories/57194/
Release Date: 2014-03-04
Criticality: Highly Critical
Where: From remote
Impact: Security Bypass, System access...
CVE Reference(s): CVE-2013-6663, CVE-2013-6664, CVE-2013-6665, CVE-2013-6666, CVE-2013-6667, CVE-2013-6668
Solution: Update to version 33.0.1750.146...
Original Advisory:
- http://googlechromereleases.blogspot.com/2014/03/stable-channel-update.html
"... This update includes -19- security fixes..."

:fear:

AplusWebMaster
2014-03-12, 00:20
FYI...

Chrome 33.0.1750.149 released
- https://secunia.com/advisories/57164/
Release Date: 2014-03-11
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, Cross Site Scripting, Exposure of sensitive information, System access
CVE Reference(s): CVE-2014-0503, CVE-2014-0504, CVE-2014-1700, CVE-2014-1701, CVE-2014-1702, CVE-2014-1703, CVE-2014-1704
... vulnerabilities are reported in versions prior to 33.0.1750.149.
Solution: Update to version 33.0.1750.149.
Original Advisory:
- http://googlechromereleases.blogspot.dk/2014/03/stable-channel-update_11.html
"... This update includes 7 security fixes..."

:fear:

AplusWebMaster
2014-03-17, 18:59
FYI...

Chrome 33.0.1750.154 released
- https://secunia.com/advisories/57439/
Release Date: 2014-03-17
Criticality: Highly Critical
Impact: System access
Solution Status: Vendor Patch
CVE Reference(s): CVE-2014-1705, CVE-2014-1713 ...
... vulnerabilities are reported in versions prior to 33.0.1750.152 for Mac and Linux and prior to 33.0.1750.154 for Windows.
Solution: Update to a patched version.
Original Advisory:
- http://googlechromereleases.blogspot.com/2014/03/stable-channel-update_14.html
"... updated to 33.0.1750.152 for Mac and Linux and 33.0.1750.154 for Windows..."
___

Chrome for Android 33.0.1750.166 released
- https://secunia.com/advisories/57440/
Release Date: 2014-03-17
Criticality: Highly Critical
Impact: System access
Solution Status: Vendor Patch
CVE Reference(s):
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1705 - 7.5 (HIGH)
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1710 - 7.5 (HIGH)
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1713 - 7.5 (HIGH)
For more information: https://secunia.com/SA57439/
... vulnerabilities are reported in versions prior to 33.0.1750.166.
Solution: Update to version 33.0.1750.166.
Original Advisory:
- http://googlechromereleases.blogspot.com/2014/03/chrome-for-android-update.html
"... update includes bugs we received from security researchers attending CanSecWest 2014..."

:fear::fear:

AplusWebMaster
2014-04-08, 23:27
FYI...

Chrome 34.0.1847.116 released
- https://secunia.com/advisories/57506/
Release Date: 2014-04-08
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, Cross Site Scripting, System access
CVE Reference(s): CVE-2014-1716, CVE-2014-1717, CVE-2014-1718, CVE-2014-1719, CVE-2014-1720, CVE-2014-1721, CVE-2014-1722, CVE-2014-1723, CVE-2014-1724, CVE-2014-1725, CVE-2014-1726, CVE-2014-1727, CVE-2014-1728, CVE-2014-1729
Solution: Upgrade to version 34.0.1847.116.
Original Advisory:
- http://googlechromereleases.blogspot.dk/2014/04/stable-channel-update.html
"... Flash Player has been updated to 13.0.0.182, which is included w/ this release...
This update includes -31- security fixes..."

:fear:

AplusWebMaster
2014-04-28, 14:19
FYI...

Chrome 34.0.1847.131 released
- https://secunia.com/advisories/58301/
Release Date: 2014-04-28
Criticality: Highly Critical
Where: From remote
Impact: Unknown, System access...
CVE Reference(s): CVE-2014-1730, CVE-2014-1731, CVE-2014-1732, CVE-2014-1733, CVE-2014-1734, CVE-2014-1735
Solution: Update to version 34.0.1847.131 for Windows and Mac or version 34.0.1847.132 for Linux.
Original Advisory:
- http://googlechromereleases.blogspot.com/2014/04/stable-channel-update_24.html
"... This release also contains a Flash Player update, to version 13.0.0.206... This update includes 9 security fixes..."

:fear::fear:

AplusWebMaster
2014-05-13, 23:16
FYI...

Chrome 34.0.1847.137 released
- https://secunia.com/advisories/58312/
Release Date: 2014-05-13
Criticality: Highly Critical
Where: From remote
Impact: Security Bypass, System access
CVE Reference(s): CVE-2014-0510, CVE-2014-0516, CVE-2014-0517, CVE-2014-0518, CVE-2014-0519, CVE-2014-0520, CVE-2014-1740, CVE-2014-1741, CVE-2014-1742
For more information: https://secunia.com/SA58074/
Original Advisory:
- http://googlechromereleases.blogspot.com/2014/05/stable-channel-update.html
"... This release also contains a Flash Player update, to version 13.0.0.214... This update includes 3 security fixes..."

:fear:

AplusWebMaster
2014-05-21, 13:43
FYI...

Chrome 35.0.1916.114 released
- http://www.securitytracker.com/id/1030270
CVE Reference: CVE-2014-1743, CVE-2014-1744, CVE-2014-1745, CVE-2014-1746, CVE-2014-1747, CVE-2014-1748, CVE-2014-1749, CVE-2014-3152
May 22 2014
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 35.0.1916.114...
Solution: The vendor has issued a fix (35.0.1916.114).
The vendor's advisory is available at:
- http://googlechromereleases.blogspot.com/2014/05/stable-channel-update_20.html
"... This update includes -23- security fixes..."

:fear::fear:

AplusWebMaster
2014-06-09, 14:50
FYI...

Chrome for Android 35.0.1916.141 released
- https://secunia.com/advisories/57709/
Release Date: 2014-06-09
Criticality: Highly Critical
Where: From remote
Impact: Manipulation of data, Exposure of sensitive information, System access
CVE Reference(s): CVE-2014-0195, CVE-2014-0221, CVE-2014-0224, CVE-2014-3470
For more information: https://secunia.com/SA58403/
... security issue and vulnerability are reported in versions prior to 35.0.1916.141.
Solution: Upgrade to version 35.0.1916.141.
Original Advisory:
- http://googlechromereleases.blogspot.com/2014/06/chrome-for-android-update.html
___

- http://threatpost.com/android-ransomware-first-to-encrypt-data-on-mobile-devices/106535
June 9, 2014

:fear:

AplusWebMaster
2014-06-11, 04:03
FYI...

Chrome 35.0.1916.153 released
- https://secunia.com/advisories/58585/
Release Date: 2014-06-10
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, Cross Site Scripting, System access
Solution Status: Vendor Patch
CVE Reference(s): CVE-2014-0531, CVE-2014-0532, CVE-2014-0533, CVE-2014-0534, CVE-2014-0535,
CVE-2014-0536, CVE-2014-3154, CVE-2014-3155, CVE-2014-3156, CVE-2014-3157
... vulnerabilities are reported in versions prior to 35.0.1916.153.
Solution: Update to version 35.0.1916.153.
Original Advisory:
- http://googlechromereleases.blogspot.com/2014/06/stable-channel-update.html
June 10, 2014 - "... This update includes 4 security fixes..."
___

- http://googlechromereleases.blogspot.com/2014/07/flash-player-update.html
July 8, 2014 - "We are updating Flash Player to version 14.0.0.145 on Windows and Mac via our component update system (i.e. there will not be a Chrome update)..."

:fear:

AplusWebMaster
2014-07-17, 12:44
FYI...

Chrome 36.0.1985.125 released
- https://secunia.com/advisories/60077/
Release Date: 2014-07-17
Criticality: Moderately Critical
Where: From remote
Impact: Unknown, Security Bypass
CVE Reference(s): CVE-2014-3160, CVE-2014-3162
... vulnerabilities are reported in versions prior to 36.0.1985.125.
Solution: Upgrade to version 36.0.1985.125.
Original Advisory:
- http://googlechromereleases.blogspot.com/2014/07/stable-channel-update.html
"... This update includes 26 security fixes..."

:fear:

AplusWebMaster
2014-08-12, 23:15
FYI...

Chrome 36.0.1985.143 released
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update.html
Aug 12, 2014 - "The Stable Channel has been updated to 36.0.1985.143 for Windows, Mac and Linux. This release contains a Flash Player update... This update includes -12- security fixes..."

- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3165 - 7.5 (HIGH)
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3166 - 5.0
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3167 - 7.5 (HIGH)
___

- http://www.securitytracker.com/id/1030732
CVE Reference: CVE-2014-3165, CVE-2014-3166, CVE-2014-3167
Aug 14 2014
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 36.0.1985.143
Impact: A remote user can create a file that, when loaded by the target user, will execute arbitrary code on the target user's system...
Solution: The vendor has issued a fix (36.0.1985.143)...

:fear:

AplusWebMaster
2014-08-27, 13:22
FYI...

Chrome 37.0.2062.94 released
- http://googlechromereleases.blogspot.com/2014/08/stable-channel-update_26.html
Aug 26, 2014 - "... promotion of Chrome 37 to the stable channel for Windows, Mac and Linux. Chrome 37.0.2062.94 contains a number of fixes and improvements, including:
- DirectWrite support on Windows for improved font rendering
- A number of new apps/extension APIs
- Lots of under the hood changes for stability and performance...
This update includes -50- security fixes..."

- https://secunia.com/advisories/60268/
Release Date: 2014-08-27
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, Spoofing, System access...
CVE Reference(s): CVE-2014-3168, CVE-2014-3169, CVE-2014-3170, CVE-2014-3171, CVE-2014-3172,
CVE-2014-3173, CVE-2014-3174, CVE-2014-3175, CVE-2014-3176, CVE-2014-3177 ...
Some vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to conduct spoofing attacks, bypass certain security restrictions, and compromise a user's system...
Solution: Upgrade to version 37.0.2062.94...

- http://www.securitytracker.com/id/1030767
CVE Reference: CVE-2014-3168, CVE-2014-3169, CVE-2014-3170, CVE-2014-3171, CVE-2014-3172, CVE-2014-3173, CVE-2014-3174, CVE-2014-3175, CVE-2014-3176, CVE-2014-3177
Aug 28 2014
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 37.0.2062.94 ...
___

- https://www.us-cert.gov/ncas/current-activity/2014/08/27/Google-Releases-Security-Updates-Chrome
Aug 27, 2014 - "...update includes 50 security fixes some of which could allow a remote attacker to obtain unauthorized access or cause a denial of service..."

:fear: :blink:

AplusWebMaster
2014-09-10, 14:00
FYI...

Chrome 37.0.2062.120 released
- http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_9.html
Sep 9, 2014 - "The stable channel has been updated to 37.0.2062.120 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes...
This update includes 4 security fixes..."

- https://secunia.com/advisories/60988/
Release Date: 2014-09-09
Criticality: Highly Critical
Where: From remote
Impact: Unknown, Security Bypass, System access
CVE Reference(s): CVE-2014-0547, CVE-2014-0548, CVE-2014-0549, CVE-2014-0550, CVE-2014-0551, CVE-2014-0552, CVE-2014-0553, CVE-2014-0554, CVE-2014-0555, CVE-2014-0556, CVE-2014-0557, CVE-2014-0559, CVE-2014-3178, CVE-2014-3179
... vulnerabilities are reported in versions prior to 37.0.2062.120.
Solution: Update to version 37.0.2062.120.

:fear:

AplusWebMaster
2014-09-25, 02:32
FYI...

Chrome 37.0.2062.124 released
- http://googlechromereleases.blogspot.com/2014/09/stable-channel-update_24.html
Sep 24, 2014 - "The stable channel has been updated to 37.0.2062.124 for Windows and Mac.
This build contains a security change:
[414124] RSA signature malleability in NSS (CVE-2014-1568)..."

> https://www.us-cert.gov/ncas/current-activity/2014/09/24/Mozilla-Network-Security-Services-NSS-Library-Vulnerability
Sep 24, 2014

- http://www.kb.cert.org/vuls/id/772676
24 Sep 2014 - "... This vulnerability may allow an attacker to forge a RSA signature, such as a SSL certificate..."

- http://www.securitytracker.com/id/1030900
CVE Reference: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-1568 - 7.5 (HIGH)
Sep 24 2014
Impact: Disclosure of system information, Disclosure of user information, Modification of authentication information, Modification of system information, Modification of user information
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 37.0.2062.124 ...

:fear::fear:

AplusWebMaster
2014-10-08, 11:03
FYI...

Chrome 38.0.2125.101 released
- http://googlechromereleases.blogspot.com/2014/10/stable-channel-update.html
Oct 7, 2014 - "... Chrome 38.0.2125.101 contains a number of fixes and improvements... This update includes -159- security fixes, including -113- relatively minor fixes found using MemorySanitizer..."
CVE Reference(s): CVE-2014-3188, CVE-2014-3189, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192, CVE-2014-3193, CVE-2014-3194, CVE-2014-3195, CVE-2014-3196, CVE-2014-3197, CVE-2014-3198, CVE-2014-3199, CVE-2014-3200

- https://www.us-cert.gov/ncas/current-activity/2014/10/07/Google-Releases-Security-Updates-Chrome-and-Chrome-OS
___

- http://www.securitytracker.com/id/1030980
CVE Reference: CVE-2014-3188, CVE-2014-3189, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192, CVE-2014-3193, CVE-2014-3194, CVE-2014-3195, CVE-2014-3196, CVE-2014-3197, CVE-2014-3198, CVE-2014-3199, CVE-2014-3200
Oct 9 2014
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 38.0.2125.101 ...

:fear::fear:

AplusWebMaster
2014-10-15, 00:40
FYI...

Chrome 38.0.2125.104 released
- http://googlechromereleases.blogspot.com/2014/10/stable-channel-update_14.html
Oct 14, 2014 - "The stable channel has been updated to 38.0.2125.104 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes. A full list of changes is available in the log*..."
* https://chromium.googlesource.com/chromium/src/+log/38.0.2125.101..38.0.2125.104?pretty=fuller&n=10000

CVE Reference(s): CVE-2014-0558, CVE-2014-0564, CVE-2014-0569
___

- https://www.us-cert.gov/ncas/current-activity/2014/10/16/Google-Releases-Security-Updates-Chrome-and-Chrome-OS
Oct 16, 2014

:fear:

AplusWebMaster
2014-11-11, 23:46
FYI...

Chrome 38.0.2125.122 released
- http://googlechromereleases.blogspot.com/2014/11/stable-channel-update.html
Nov 11, 2014 - "The stable channel has been updated to 38.0.2125.122 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes. A full list of changes is available in the log*..."
* https://chromium.googlesource.com/chromium/src/+log/38.0.2125.111..38.0.2125.122?pretty=fuller&n=10000

:fear:

AplusWebMaster
2014-11-19, 13:37
FYI...

Chrome 39.0.2171.65 released
- http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_18.html
Nov 18, 2014 - "... Chrome 39.0.2171.65 contains a number of fixes and improvements, including:
64-bit support for Mac
A number of new apps/extension APIs
Lots of under the hood changes for stability and performance ...
This update includes -42- security fixes..."
___

- http://www.securitytracker.com/id/1031241
CVE Reference: CVE-2014-7899, CVE-2014-7900, CVE-2014-7901, CVE-2014-7902, CVE-2014-7903, CVE-2014-7904, CVE-2014-7905, CVE-2014-7906, CVE-2014-7907, CVE-2014-7908, CVE-2014-7909, CVE-2014-7910
Nov 20 2014
Impact: A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information.
Solution: The vendor has issued a fix (39.0.2171.65)...

:fear::fear:

AplusWebMaster
2014-11-26, 12:11
FYI...

Chrome 39.0.2171.71 released
- http://googlechromereleases.blogspot.com/2014/11/stable-channel-update_25.html
Nov 25, 2014 - "The stable channel has been updated to 39.0.2171.71 for Windows, Mac and Linux. This release contains an update for Adobe Flash* as well as a number of other fixes..."

* https://helpx.adobe.com/flash-player/release-note/fp_15_air_15_release_notes.html
Nov 25, 2014

:fear::fear:

AplusWebMaster
2014-12-10, 06:52
FYI...

Chrome 39.0.2171.95 released
- http://googlechromereleases.blogspot.com/2014/12/stable-channel-update.html
Dec 9, 2014 - "The stable channel has been updated to 39.0.2171.95 for Windows, Mac and Linux. This release contains an update for Adobe Flash as well as a number of other fixes..."

:fear:

AplusWebMaster
2015-01-14, 00:49
FYI...

Chrome 39.0.2171.99 released
- http://googlechromereleases.blogspot.com/2015/01/stable-channel-update.html
Jan 13, 2015 - "The stable channel has been updated to 39.0.2171.99 for Windows, Mac and Linux. This release contains an update for Adobe -Flash- as well as a number of other fixes. A full list of changes is available in the log*..."
* https://chromium.googlesource.com/chromium/src/+log/39.0.2171.95..39.0.2171.99?pretty=fuller&n=10000

:fear:

AplusWebMaster
2015-01-22, 20:35
FYI...

Chrome 40.0.2214.91 released
- http://googlechromereleases.blogspot.com/2015/01/stable-update.html
Jan 21 2015 - "... promotion of Chrome 40 to the stable channel for Windows, Mac and Linux. Chrome 40.0.2214.91 contains a number of fixes and improvements, including:
Updated info dialog for Chrome app on Windows and Linux.
A new clock behind/ahead error message.
A partial list of changes is available in the log*... This update includes -62- security fixes..."
* https://chromium.googlesource.com/chromium/src/+log/39.0.2171.0..40.0.2214.0?pretty=fuller&n=10000

["Comments" read: "... flash player version now 16.287"
___

- http://www.securitytracker.com/id/1031623
CVE Reference: CVE-2014-7923, CVE-2014-7924, CVE-2014-7925, CVE-2014-7926, CVE-2014-7927, CVE-2014-7928, CVE-2014-7929, CVE-2014-7930, CVE-2014-7931, CVE-2014-7932, CVE-2014-7933, CVE-2014-7934, CVE-2014-7935, CVE-2014-7936, CVE-2014-7937, CVE-2014-7938, CVE-2014-7939, CVE-2014-7940, CVE-2014-7941, CVE-2014-7942, CVE-2014-7943, CVE-2014-7944, CVE-2014-7945, CVE-2014-7946, CVE-2014-7947, CVE-2014-7948, CVE-2015-1205, CVE-2015-1346
Jan 23 2015
Impact: Denial of service via network, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 40.0.2214.91 ...
Solution: The vendor has issued a fix (40.0.2214.91)...

:fear::fear:

AplusWebMaster
2015-01-27, 07:19
FYI...

Chrome 40.0.2214.93 released
- http://googlechromereleases.blogspot.com/2015/01/stable-channel-update_26.html
Jan 26, 2015 - "The stable channel has been updated to 40.0.2214.93 for Windows, Mac and Linux. A full list of changes is available in the log*..."
* https://chromium.googlesource.com/chromium/src/+log/40.0.2214.91..40.0.2214.93?pretty=fuller&n=10000

:fear:

AplusWebMaster
2015-02-06, 00:32
FYI...

Chrome 40.0.2214.111 released
- http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html
Feb 5, 2015 - "The stable channel has been updated to 40.0.2214.111 for Windows, Mac and Linux...
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed.
This update includes 11 security fixes..."
___

- http://www.securitytracker.com/id/1031709
CVE Reference: CVE-2015-1209, CVE-2015-1210, CVE-2015-1211, CVE-2015-1212
Feb 6 2015
Impact: Disclosure of system information, Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 40.0.2214.111 ...
Solution: The vendor has issued a fix (40.0.2214.111).
The vendor's advisory is available at:
- http://googlechromereleases.blogspot.com/2015/02/stable-channel-update.html

:fear::fear:

AplusWebMaster
2015-02-20, 16:53
FYI...

Chrome 40.0.2214.115 released
- http://googlechromereleases.blogspot.com/2015/02/stable-channel-update_19.html
Feb 19, 2015 - "The stable channel has been updated to 40.0.2214.115 for Windows, Mac and Linux. A full list of changes is available in the log..."

:fear:

AplusWebMaster
2015-03-04, 15:05
FYI...

Chrome 41.0.2272.76 released
- http://googlechromereleases.blogspot.dk/2015/03/stable-channel-update.html
Mar 3, 2015 - "The Chrome team is delighted to announce the promotion of Chrome 41 to the stable channel for Windows, Mac and Linux. Chrome 41.0.2272.76 contains a number of fixes and improvements, including:
A number of new apps/extension APIs
Lots of under the hood changes for stability and performance
This update includes -51- security fixes..."
___

CVE Reference(s): CVE-2015-1212, CVE-2015-1213, CVE-2015-1214, CVE-2015-1215, CVE-2015-1216, CVE-2015-1217, CVE-2015-1218, CVE-2015-1219, CVE-2015-1220, CVE-2015-1221, CVE-2015-1222, CVE-2015-1223, CVE-2015-1224, CVE-2015-1225, CVE-2015-1226, CVE-2015-1227, CVE-2015-1228, CVE-2015-1229, CVE-2015-1230, CVE-2015-1231

:fear::fear:

AplusWebMaster
2015-03-21, 09:43
FYI...

Chrome 41.0.2272.101 released
- http://googlechromereleases.blogspot.dk/2015/03/stable-channel-update_19.html
March 19, 2015 - "The stable channel has been updated to 41.0.2272.101 for Windows, Mac and Linux. A partial list of changes is available in the log..."
___

All four major browsers take a stomping at Pwn2Own...
- http://arstechnica.com/security/2015/03/all-four-major-browsers-take-a-stomping-at-pwn2own-hacking-competition/
Mar 20, 2015 - "The annual Pwn2Own hacking competition wrapped up its 2015 event in Vancouver with another banner year, paying $442,000 for 21 critical bugs in all four major browsers, as well as Windows, Adobe Flash, and Adobe Reader..."

:fear::fear:

AplusWebMaster
2015-04-02, 03:15
FYI...

Chrome 41.0.2272.118 released
- http://googlechromereleases.blogspot.com/2015/04/stable-channel-update.html
Apr 1, 2015 - "The stable channel has been updated to 41.0.2272.118 for Windows, Mac and Linux. A partial list of changes is available in the log... This update includes 4 security fixes..."
___

- http://www.securitytracker.com/id/1032012
CVE Reference:
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1233 - 7.5 (HIGH)
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1234 - 6.8
Apr 2 2015
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes ...
Solution: The vendor has issued a fix (41.0.2272.118).

:fear:

AplusWebMaster
2015-04-14, 22:53
FYI...

Chrome 42.0.2311.90 released
- http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_14.html
April 14, 2015 - "The Chrome team is overjoyed to announce the promotion of Chrome 42 to the stable channel for Windows, Mac and Linux. Chrome 42.0.2311.90 contains a number of fixes and improvements... This update includes -45- security fixes..."

:fear::fear:

AplusWebMaster
2015-04-29, 16:40
FYI...

Chrome 42.0.2311.135 released
- http://googlechromereleases.blogspot.com/2015/04/stable-channel-update_28.html
April 28, 2015 - "The stable channel has been updated to 42.0.2311.135 for Windows, Mac and Linux... This update includes -5- security fixes..."

Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
___

- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1243 - 7.5 (HIGH)

:fear::fear:

AplusWebMaster
2015-05-12, 21:38
FYI...

Chrome 42.0.2311.15 released
- http://googlechromereleases.blogspot.com/2015/05/stable-channel-update.html
May 12, 2015 - "The stable channel has been updated to 42.0.2311.152 for Windows, Mac and Linux. The -only- change in this update is a new version of Adobe Flash (17.0.0.188)..."

:fear:

AplusWebMaster
2015-05-20, 12:51
FYI...

Chrome 43.0.2357.65 released
- http://googlechromereleases.blogspot.com/2015/05/stable-channel-update_19.html
May 19, 2015 - "The Chrome team is happy to announce the promotion of Chrome 43 to the stable channel for Windows, Mac and Linux. Chrome 43.0.2357.65 contains a number of fixes and improvements... This update includes -37- security fixes..."
___

- https://www.us-cert.gov/ncas/current-activity/2015/05/19/Google-Releases-Security-Update-Chrome
May 19, 2015
___

- http://www.securitytracker.com/id/1032375
CVE Reference: CVE-2015-1251, CVE-2015-1252, CVE-2015-1253, CVE-2015-1254, CVE-2015-1255, CVE-2015-1256, CVE-2015-1257, CVE-2015-1258, CVE-2015-1259, CVE-2015-1260, CVE-2015-1261, CVE-2015-1262, CVE-2015-1263, CVE-2015-1264, CVE-2015-1265
May 21 2015
Impact: Disclosure of authentication information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 43.0.2357.65 ...

:fear:

AplusWebMaster
2015-06-09, 23:28
FYI...

Chrome 43.0.2357.124 released
- http://googlechromereleases.blogspot.com/2015/06/stable-channel-update.html
June 9, 2015 - "The stable channel has been updated to 43.0.2357.124 for Windows, Mac and Linux. A partial list of changes is available in the log. Key Changes:
Updated Adobe Flash Player to 18.0.0.160 ..."

:fear:

AplusWebMaster
2015-06-23, 03:20
FYI...

Chrome v43.0.2357.130 released
- http://googlechromereleases.blogspot.com/2015/06/chrome-stable-update.html
June 22, 2015 - "The stable channel has been updated to 43.0.2357.130 for Windows, Mac, and Linux. A partial list of changes is available in the log... Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
Below, we highlight 4 fixes that were contributed by external researchers...
High CVE-2015-1266: Scheme validation error in WebUI. Credit to anonymous.
High CVE-2015-1268: Cross-origin bypass in Blink. Credit to Mariusz Mlynski.
Medium CVE-2015-1267: Cross-origin bypass in Blink. Credit to anonymous.
Medium CVE-2015-1269: Normalization error in HSTS/HPKP preload list. Credit to Mike Ruddy..."

:fear:

AplusWebMaster
2015-07-08, 21:26
FYI...

Chrome 43.0.2357.132 released
- http://googlechromereleases.blogspot.com/2015_07_01_archive.html
July 7, 2015 - "The stable channel has been updated to 43.0.2357.132 for Windows, Mac, and Linux..."

... comments:
- July 08, 2015
> "... this version of Chrome does include Flash 18.0.0.203"
> "... the schedule has Chrome 44 arriving July 14, 2015, with Chrome 45 following in early September (1st or 8th)."

:fear::fear:

AplusWebMaster
2015-07-14, 18:57
FYI...

Chrome 43.0.2357.134 released
- http://googlechromereleases.blogspot.com/2015_07_01_archive.html
July 14, 2015 - "The stable channel has been updated to 43.0.2357.134 for Windows, Mac, and Linux. This release contains a critical update to Adobe Flash Player (18.0.0.209) and a fix for a full screen casting issue..."

:fear:

AplusWebMaster
2015-07-23, 17:30
FYI...

Chrome 44.0.2403.89 released
- http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html
July 21, 2015 - "... announcing the promotion of Chrome 44 to the stable channel for Windows, Mac and Linux. Chrome 44.0.2403.89 contains a number of fixes and improvements... This update includes -43- security fixes..."
___

- http://www.securitytracker.com/id/1033031
CVE Reference: CVE-2015-1270, CVE-2015-1271, CVE-2015-1272, CVE-2015-1273, CVE-2015-1274, CVE-2015-1275, CVE-2015-1276, CVE-2015-1277, CVE-2015-1278, CVE-2015-1279, CVE-2015-1280, CVE-2015-1281, CVE-2015-1282, CVE-2015-1283, CVE-2015-1284, CVE-2015-1285, CVE-2015-1286, CVE-2015-1287, CVE-2015-1288, CVE-2015-1289, CVE-2015-5605
Jul 23 2015
Impact: Disclosure of authentication information, Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of system information, Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 44.0.2403.89 ...

:fear::fear:

AplusWebMaster
2015-07-28, 19:28
FYI...

Chrome 44.0.2403.107 released
- http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_24.html
July 24, 2015 - "The stable channel has been updated to 44.0.2403.107 for Windows, Mac and Linux. A partial list of changes is available in the log*..."
* https://chromium.googlesource.com/chromium/src/+log/44.0.2403.89..44.0.2403.107?pretty=fuller&n=10000

> http://googleprojectzero.blogspot.com/2015/07/significant-flash-exploit-mitigations_16.html
July 16, 2015 - "... if you're running Google Chrome, you can visit about:version to check the versions of various components. If you have Flash v18.0.0.209 (or newer), then you have the new goodies. If not, you can (on Windows) visit chrome://chrome to give the autoupdater a kick..."

:fear:

AplusWebMaster
2015-08-11, 23:49
FYI...

Chrome 44.0.2403.155 released
- http://googlechromereleases.blogspot.com/2015/08/stable-channel-update_11.html
Aug 11, 2015 - "The stable channel has been updated to 44.0.2403.155 for Windows, Mac, and Linux..."
Comments: "... automatic update not working*"

* http://googleprojectzero.blogspot.com/2015/07/significant-flash-exploit-mitigations_16.html
"... if you're running Google Chrome, you can visit about:version to check the versions of various components... you can (on Windows) visit chrome://chrome to give the autoupdater a kick..."

:fear::fear:

AplusWebMaster
2015-09-02, 16:52
FYI...

Chrome 45.0.2454.85 released
- http://googlechromereleases.blogspot.com/2015/09/stable-channel-update.html
Sep 1, 2015 - "... Chrome 45.0.2454.85 contains a number of fixes and improvements - a list of changes is available in the log... This update includes -29- security fixes..."

- https://www.us-cert.gov/ncas/current-activity/2015/09/01/Google-Releases-Security-Update-Chrome
Sep 1, 2015
___

- http://www.securitytracker.com/id/1033472
CVE Reference: CVE-2015-1291, CVE-2015-1292, CVE-2015-1293, CVE-2015-1294, CVE-2015-1295, CVE-2015-1296, CVE-2015-1297, CVE-2015-1298, CVE-2015-1299, CVE-2015-1300, CVE-2015-1301, CVE-2015-6580, CVE-2015-6581, CVE-2015-6582, CVE-2015-6583
Sep 4 2015
Impact: Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available: Yes Vendor Confirmed: Yes ...
Solution: The vendor has issued a fix (45.0.2454.85)...

:fear::fear:

AplusWebMaster
2015-09-18, 19:12
FYI...

Chrome 45.0.2454.93
- http://googlechromereleases.blogspot.com/2015/09/stable-channel-update_15.html
Sep 15, 2015 - " The stable channel has been updated to 45.0.2454.93 for Windows, Mac, and Linux. A list of changes is available in the log*..."
* https://chromium.googlesource.com/chromium/src/+log/45.0.2454.85..45.0.2454.93?pretty=fuller&n=10000

:fear:

AplusWebMaster
2015-09-22, 01:50
FYI...

Chrome 45.0.2454.99 released
- http://googlechromereleases.blogspot.com/2015/09/stable-channel-refresh.html
Sep 21, 2015 - "The stable channel has been updated to 45.0.2454.99 for Windows, Mac, and Linux. This release contains a -critical- update to Adobe Flash Player (19.0.0.185)..."

:fear::fear:

AplusWebMaster
2015-09-26, 16:29
FYI...

Chrome 45.0.2454.101 released
- http://googlechromereleases.blogspot.com/2015/09/stable-channel-update_24.html
Sep 24, 2015 - "The stable channel has been updated to 45.0.2454.101 for Windows, Mac, and Linux...
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix..."

- https://www.us-cert.gov/ncas/current-activity/2015/09/25/Google-Release-Security-Update-Chrome-0
Sep 25, 2015 - "Google has released Chrome version 45.0.2454.101 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of one of these vulnerabilities may allow a remote attacker to obtain sensitive information from an affected system..."
___

- http://www.securitytracker.com/id/1033683
CVE Reference: CVE-2015-1303, CVE-2015-1304
Sep 30 2015
Impact: Disclosure of system information, Disclosure of user information, Modification of system information, Modification of user information
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 45.0.2454.101 ...
Impact: A remote user can bypass cross-origin security controls on the target system.
Solution: The vendor has issued a fix (45.0.2454.101)...

:fear::fear:

AplusWebMaster
2015-10-13, 21:14
FYI...

Chrome 46.0.2490.71 released
- http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html
Oct 13, 2015 - "... promotion of Chrome 46 to the stable channel for Windows, Mac and Linux... Chrome 46.0.2490.71 contains a number of fixes and improvements...
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes -24- security fixes..."
___

Stable Channel Updates
> http://googlechromereleases.blogspot.com/2015/10/stable-channel-update.html
___

- https://www.us-cert.gov/ncas/current-activity/2015/10/13/Google-Releases-Security-Update-Chrome
Oct 13, 2015
___

- http://www.securitytracker.com/id/1033816
CVE Reference: CVE-2015-6755, CVE-2015-6756, CVE-2015-6757, CVE-2015-6758, CVE-2015-6759, CVE-2015-6760, CVE-2015-6761, CVE-2015-6762, CVE-2015-6763
Oct 15 2015
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 46.0.2490.71 ...
Solution: The vendor has issued a fix (46.0.2490.71) ...

:fear::fear:

AplusWebMaster
2015-10-24, 12:56
FYI...

Chrome 46.0.2490.80 released
- http://googlechromereleases.blogspot.fr/2015/10/stable-channel-update_22.html
Oct 22, 2015 - "The stable channel has been updated to 46.0.2490.80 for Windows, Mac, and Linux. This release contains a critical update to Adobe Flash Player (19.0.0.226)..."

:fear::fear:

AplusWebMaster
2015-11-11, 20:05
FYI...

Chrome 46.0.2490.86 released
- http://googlechromereleases.blogspot.fr/2015/11/stable-channel-update.html
Nov 10, 2015 - "The stable channel has been updated to 46.0.2490.86 for Windows, Mac, and Linux. This release contains an update to Adobe Flash Player (19.0.0.245) and security fixes..."
___

- http://www.computerworld.com/article/3004014/web-browsers/google-cuts-off-chrome-updates-on-windows-xp-and-vista.html
Nov 10, 2015 - "... PCs running XP and Vista will be able to keep using Chrome after April 2016, but Google will cease providing -updates- to its browser*, including security-focused patches..."
* http://chrome.blogspot.com/2015/11/updates-to-chrome-platform-support.html

:fear::fear:

AplusWebMaster
2015-12-02, 19:57
FYI...

Chrome 47.0.2526.73 released
- http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html
Dec 1, 2015 - " The Chrome team is delighted to announce the promotion of Chrome 47 to the stable channel for Windows, Mac and Linux. Chrome 47.0.2526.73 contains a number of fixes and improvements...
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes -41- security fixes..."

- https://www.us-cert.gov/ncas/current-activity/2015/12/01/Google-Releases-Security-Update-Chrome
Dec 1, 2015
___

- http://www.securitytracker.com/id/1034298
CVE Reference: CVE-2015-6764, CVE-2015-6765, CVE-2015-6766, CVE-2015-6767, CVE-2015-6768, CVE-2015-6769, CVE-2015-6770, CVE-2015-6771, CVE-2015-6772, CVE-2015-6773, CVE-2015-6774, CVE-2015-6775, CVE-2015-6776, CVE-2015-6777, CVE-2015-6778, CVE-2015-6779, CVE-2015-6780, CVE-2015-6781, CVE-2015-6782, CVE-2015-6783, CVE-2015-6784, CVE-2015-6785, CVE-2015-6786, CVE-2015-6787
Dec 7 2015
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 47.0.2526.73 ...
Impact: A remote user can execute arbitrary code on the target system.
A remote user can bypass security controls on the target system.
A remote user can spoof content.
Solution: The vendor has issued a fix (47.0.2526.73).
The vendor's advisory is available at:
- http://googlechromereleases.blogspot.com/2015/12/stable-channel-update.html

:fear::fear:

AplusWebMaster
2015-12-09, 02:43
FYI...

Chrome 47.0.2526.80 released
- http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_8.html
Dec 8, 2015 - "The stable channel has been updated to 47.0.2526.80 for Windows, Mac, and Linux. This release contains an update to Adobe Flash Player (20.0.0.228) and security fixes...
This update includes -7- security fixes..."
___

- https://www.us-cert.gov/ncas/current-activity/2015/12/08/Google-Releases-Security-Update-Chrome
Dec 08, 2015

:fear::fear:

AplusWebMaster
2015-12-16, 00:35
FYI...

Chrome 47.0.2526.106 released
- http://googlechromereleases.blogspot.com/2015/12/stable-channel-update_15.html
Dec 15, 2015 - "The stable channel has been updated to 47.0.2526.106 for Windows, Mac, and Linux.
Security Fixes
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes -2- security fixes as part of our ongoing internal security work..."

- https://www.us-cert.gov/ncas/current-activity/2015/12/15/Google-Releases-Security-Update-Chrome
Dec 15, 2015
___

- http://www.securitytracker.com/id/1034491
CVE Reference: CVE-2015-6792
Dec 18 2015
Description: Two vulnerabilities were reported in Google Chrome. A remote user can cause arbitrary code to be executed on the target user's system.
A remote user can create specially crafted content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (47.0.2526.106)...

:fear:

AplusWebMaster
2016-01-14, 20:30
FYI...

Chrome 47.0.2526.111 released
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update.html
Jan 13, 2016 - "The stable channel has been updated to 47.0.2526.111 for Windows, Mac, and Linux.
A partial list of changes is available in the log*..."
(See 'Comments'...)

* https://chromium.googlesource.com/chromium/src/+log/47.0.2526.106..47.0.2526.111?pretty=fuller&n=10000

:fear:

AplusWebMaster
2016-01-21, 18:30
FYI...

Chrome 48.0.2564.82 released
- http://googlechromereleases.blogspot.com/2016/01/stable-channel-update_20.html
Jan 20, 2016 - "... Chrome 48.0.2564.82 contains a number of fixes and improvements - a list of changes is available in the log*... This update includes -37- security fixes..."
* https://chromium.googlesource.com/chromium/src/+log/47.0.2526.111..48.0.2564.82?pretty=fuller&n=10000

- https://www.us-cert.gov/ncas/current-activity/2016/01/20/Google-Releases-Security-Update-Chrome
Jan 20, 2016
___

- http://www.securitytracker.com/id/1034801
CVE Reference: CVE-2016-1612, CVE-2016-1613, CVE-2016-1614, CVE-2016-1615, CVE-2016-1616, CVE-2016-1617, CVE-2016-1618, CVE-2016-1619, CVE-2016-1620
Jan 22 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): Prior to 48.0.2564.82 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can spoof a URL.
Solution: The vendor has issued a fix (48.0.2564.82)...

:fear::fear:

AplusWebMaster
2016-02-07, 23:22
FYI...

Chrome 48.0.2564.103 released
- http://googlechromereleases.blogspot.com/2016/02/stable-channel-update.html
Feb 3, 2016 - "The stable channel has been updated to 48.0.2564.103 for Windows, Mac, and Linux. A list of changes is available in the log*..."

* https://chromium.googlesource.com/chromium/src/+log/48.0.2564.97..48.0.2564.103?pretty=fuller&n=10000

:fear::fear:

AplusWebMaster
2016-02-09, 23:10
FYI...

Chrome 48.0.2564.109 released
- http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_9.html
Feb 9, 2016 - "The stable channel has been updated to 48.0.2564.109 for Windows, Mac, and Linux... This update includes -6- security fixes..."

[ Includes Flash update 20.0.0.306 ]

- https://www.us-cert.gov/ncas/current-activity/2016/02/09/Google-Releases-Security-Update-Chrome
Feb 9, 2016

:fear::fear:

AplusWebMaster
2016-02-19, 14:39
FYI...

Chrome 48.0.2564.116 released
- http://googlechromereleases.blogspot.com/2016/02/stable-channel-update_18.html
Feb 18, 2016 - "The stable channel has been updated to 48.0.2564.116 for Windows, Mac, and Linux... This update includes the following security fix contributed by an external researcher...
[583431] Critical CVE-2016-1629: Same-origin bypass in Blink and Sandbox escape in Chrome..."

- https://www.us-cert.gov/ncas/current-activity/2016/02/18/Google-Releases-Security-Update-Chrome
Feb 18, 2016

:fear::fear:

AplusWebMaster
2016-03-03, 05:10
FYI...

Chrome 49.0.2623.75 released
- http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html
Mar 2, 2016 - "The Chrome team is delighted to announce the promotion of Chrome 49 to the stable channel for Windows, Mac and Linux. Chrome 49.0.2623.75 contains a number of fixes and improvements - a list of changes is available in the log... This update includes -26- security fixes...

High CVE-2016-1630: Same-origin bypass in Blink.
High CVE-2016-1631: Same-origin bypass in Pepper Plugin.
High CVE-2016-1632: Bad cast in Extensions.
High CVE-2016-1633: Use-after-free in Blink.
High CVE-2016-1634: Use-after-free in Blink.
High CVE-2016-1635: Use-after-free in Blink.
High CVE-2016-1636: SRI Validation Bypass.
High CVE-2015-8126: Out-of-bounds access in libpng..."

- http://www.securitytracker.com/id/1035185
CVE Reference: CVE-2016-1630, CVE-2016-1631, CVE-2016-1632, CVE-2016-1633, CVE-2016-1634, CVE-2016-1635, CVE-2016-1636, CVE-2016-1637, CVE-2016-1638, CVE-2016-1639, CVE-2016-1640, CVE-2016-1641, CVE-2016-1642
Mar 4 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 49.0.2623.75 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (49.0.2623.75)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/03/02/Google-Releases-Security-Update-Chrome
Mar 2, 2016

:fear::fear:

AplusWebMaster
2016-03-09, 21:33
FYI...

Chrome 49.0.2623.87 released
- http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_8.html
March 8, 2016 - "The stable channel has been updated to 49.0.2623.87 for Windows, Mac, and Linux... This update includes -3- security fixes that were contributed by external researchers...
High CVE-2016-1643: Type confusion in Blink. Credit to cloudfuzzer.
High CVE-2016-1644: Use-after-free in Blink. Credit to Atte Kettunen of OUSPG.
High CVE-2016-1645: Out-of-bounds write in PDFium. Credit to anonymous working with HP's Zero Day Initiative..."
___

- http://www.securitytracker.com/id/1035259
CVE Reference: CVE-2016-1643, CVE-2016-1644, CVE-2016-1645
Mar 14 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 49.0.2623.87 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (49.0.2623.87)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/03/08/Google-Releases-Security-Update-Chrome
March 8, 2016

:fear::fear:

AplusWebMaster
2016-03-25, 15:47
FYI...

Chrome 49.0.2623.108 released
- http://googlechromereleases.blogspot.com/2016/03/stable-channel-update_24.html
March 24, 2016 - "The stable channel has been updated to 49.0.2623.108 for Windows, Mac, and Linux...
This update includes -5- security fixes...
High CVE-2016-1646: Out-of-bounds read in V8...
High CVE-2016-1647: Use-after-free in Navigation...
High CVE-2016-1648: Use-after-free in Extensions...
High CVE-2016-1649: Buffer overflow in libANGLE...
CVE-2016-1650: Various fixes from internal audits, fuzzing and other initiatives...
___

- http://www.securitytracker.com/id/1035423
CVE Reference: CVE-2016-1646, CVE-2016-1647, CVE-2016-1648, CVE-2016-1649, CVE-2016-1650
Mar 26 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 49.0.2623.108...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (49.0.2623.108)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/03/24/Google-Releases-Security-Update-Chrome
March 24, 2016

:fear::fear:

AplusWebMaster
2016-04-08, 16:31
FYI...

Chrome 49.0.2623.112 released
- http://googlechromereleases.blogspot.com/2016/04/stable-channel-update.html
Apr 7, 2016 - "The stable channel has been updated to 49.0.2623.112 for Windows, Mac, and Linux... A list of changes is available in the log..."

> http://www.adobe.com/software/flash/about/

:fear::fear:

AplusWebMaster
2016-04-14, 15:22
FYI...

Chrome 50.0.2661.75 released
- http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_13.html
April 13, 2016 - "... Chrome 50.0.2661.75 contains a number of fixes and improvements - a list of changes is available in the log... This update includes -20- security fixes..."

- https://www.us-cert.gov/ncas/current-activity/2016/04/13/Google-Releases-Security-Update-Chrome
April 13, 2016

:fear::fear:

AplusWebMaster
2016-04-29, 20:30
FYI...

Chrome 50.0.2661.94 released
- http://googlechromereleases.blogspot.com/2016/04/stable-channel-update_28.html
April 28, 2016 - "The stable channel has been updated to 50.0.2661.94 for Windows, Mac, and Linux...
This update includes -9- security fixes...
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix...
___

- https://www.us-cert.gov/ncas/current-activity/2016/04/28/Google-Releases-Security-Update-Chrome
April 28, 2016

:fear:

AplusWebMaster
2016-05-12, 05:21
FYI...

Chrome 50.0.2661.102 released
- http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html
May 11, 2016 - "The stable channel has been updated to 50.0.2661.102 for Windows, Mac, and Linux... This update includes -5- security fixes..."
___

- http://www.securitytracker.com/id/1035872
CVE Reference: CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670, CVE-2016-1671
May 12 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 50.0.2661.102 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can view files on the target system.
A remote user can bypass same-origin restrictions on the target system.
Solution: The vendor has issued a fix (50.0.2661.102)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/05/11/Google-Releases-Security-Update-Chrome
May 11, 2016

:fear::fear:

AplusWebMaster
2016-05-26, 22:23
FYI...

Chrome 51.0.2704.63 released
- http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html
May 25, 2016 - "... Chrome 51.0.2704.63 contains a number of fixes and improvements...
This update includes -42- security fixes..."

- https://www.us-cert.gov/ncas/current-activity/2016/05/26/Google-Releases-Security-Update-Chrome
May 26, 2016
___

- http://www.securitytracker.com/id/1035981
CVE Reference: CVE-2016-1672, CVE-2016-1673, CVE-2016-1674, CVE-2016-1675, CVE-2016-1676, CVE-2016-1677, CVE-2016-1678, CVE-2016-1679, CVE-2016-1680, CVE-2016-1681, CVE-2016-1682, CVE-2016-1683, CVE-2016-1684, CVE-2016-1685, CVE-2016-1686, CVE-2016-1687, CVE-2016-1688, CVE-2016-1689, CVE-2016-1690, CVE-2016-1691, CVE-2016-1692, CVE-2016-1693, CVE-2016-1694, CVE-2016-1695
May 27 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 51.0.2704.63 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (51.0.2704.63)...

:fear::fear:

AplusWebMaster
2016-06-02, 19:46
FYI...

Chrome 51.0.2704.79 released
- http://googlechromereleases.blogspot.com/2016/06/stable-channel-update.html
June 1, 2016 - "The stable channel has been updated to 51.0.2704.79 for Windows, Mac, and Linux...
This update includes -15- security fixes..."

- https://www.us-cert.gov/ncas/current-activity/2016/06/02/Google-Releases-Security-Update-Chrome
June 02, 2016
___

- http://www.securitytracker.com/id/1036026
CVE Reference: CVE-2016-1696, CVE-2016-1697, CVE-2016-1698, CVE-2016-1699, CVE-2016-1700, CVE-2016-1701, CVE-2016-1702, CVE-2016-1703
Jun 3 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 51.0.2704.79 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (51.0.2704.79)...

:fear::fear:

AplusWebMaster
2016-06-07, 13:53
FYI...

Chrome 51.0.2704.84 released
- http://googlechromereleases.blogspot.com/2016/06/stable-channel-update_6.html
June 6, 2016 - "The stable channel has been updated to 51.0.2704.84 for Windows, Mac, and Linux.
A list of changes is available in the log..."

:fear::fear:

AplusWebMaster
2016-06-18, 00:31
FYI...

Chrome 51.0.2704.103 released
- https://googlechromereleases.blogspot.com/2016/06/stable-channel-update_16.html
June 16, 2016 - "The stable channel has been updated to 51.0.2704.103 for Windows, Mac, and Linux...
This update includes 3 security fixes..."

> https://www.us-cert.gov/ncas/current-activity/2016/06/17/Google-Releases-Security-Update-Chrome
June 17, 2016

:fear:

AplusWebMaster
2016-06-24, 15:24
FYI...

Chrome 51.0.2704.106 released
- https://googlechromereleases.blogspot.ca/2016/06/stable-channel-update_23.html
June 23, 2016 - "The stable channel has been updated to 51.0.2704.106 for Windows, Mac, and Linux. A list of changes is available in the log..."

Update Google Chrome
- https://support.google.com/chrome/answer/95414

:fear::fear:

AplusWebMaster
2016-07-21, 13:51
FYI...

Chrome 52.0.2743.82 released
- https://googlechromereleases.blogspot.ca/2016/07/stable-channel-update.html
July 20, 2016 - "... promotion of Chrome 52 to the stable channel for Windows, Mac and Linux. Chrome 52.0.2743.82 contains a number of fixes and improvements - a list of changes is available in the log...
This update includes -48- security fixes..."
___

- http://www.securitytracker.com/id/1036428
CVE Reference: CVE-2016-1705, CVE-2016-1706, CVE-2016-1707, CVE-2016-1708, CVE-2016-1709, CVE-2016-1710, CVE-2016-1711, CVE-2016-5127, CVE-2016-5128, CVE-2016-5129, CVE-2016-5130, CVE-2016-5131, CVE-2016-5132, CVE-2016-5133, CVE-2016-5134, CVE-2016-5135, CVE-2016-5136, CVE-2016-5137
Jul 22 2016
Fix Available: Yes Vendor Confirmed: Yes
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can spoof a URL.
Solution: The vendor has issued a fix (52.0.2743.82)...

- https://www.us-cert.gov/ncas/current-activity/2016/07/21/Google-Releases-Security-Update-Chrome
July 21, 2016

:fear:

AplusWebMaster
2016-08-07, 13:40
FYI...

Chrome 52.0.2743.116 released
- https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop.html
Aug 3, 2016 - "The stable channel has been updated to 52.0.2743.116 for Windows, Mac, and Linux. This will roll out over the coming days/weeks... This update includes -10- security fixes...
Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed..."

- http://www.securitytracker.com/id/1036547
CVE Reference: CVE-2016-5139, CVE-2016-5140, CVE-2016-5141, CVE-2016-5142, CVE-2016-5143, CVE-2016-5144, CVE-2016-5145, CVE-2016-5146
Aug 6 2016
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 52.0.2743.116 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can spoof a URL.
Solution: The vendor has issued a fix (52.0.2743.116)...

:fear:

AplusWebMaster
2016-09-01, 14:02
FYI...

Chrome 53.0.2785.89 released
- https://googlechromereleases.blogspot.com/2016/08/stable-channel-update-for-desktop_31.html
Aug 31, 2016 - "The Chrome team is delighted to announce the promotion of Chrome 53 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 53.0.2785.89 contains a number of fixes and improvements... This update includes -33- security fixes..."
___

- http://www.securitytracker.com/id/1036729
CVE Reference: CVE-2016-5147, CVE-2016-5148, CVE-2016-5149, CVE-2016-5150, CVE-2016-5151, CVE-2016-5152, CVE-2016-5153, CVE-2016-5154, CVE-2016-5155, CVE-2016-5156, CVE-2016-5157, CVE-2016-5158, CVE-2016-5159, CVE-2016-5160, CVE-2016-5161, CVE-2016-5162, CVE-2016-5163, CVE-2016-5164, CVE-2016-5165, CVE-2016-5166, CVE-2016-5167
Sep 3 2016
Fix Available: Yes Vendor Confirmed: Yes
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
A remote user can spoof a URL.
A remote user can access the target user's cookies (including authentication cookies), if any, associated with the target site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix (53.0.2785.89 for Windows, Mac; 53.0.2785.92 for Linux)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/08/31/Google-Releases-Security-Update-Chrome
Aug 31, 2016

:fear::fear:

AplusWebMaster
2016-09-14, 20:10
FYI...

Chrome 53.0.2785.113 released
- https://googlechromereleases.blogspot.com/2016/09/stable-channel-update-for-desktop_13.html
Sep 13, 2016 - "The stable channel has been updated to 53.0.2785.113 for Windows, Mac, and Linux. This will roll out over the coming days/weeks...
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This update includes... security fixes..."
___

Google Releases Security Update for Chrome
> https://www.us-cert.gov/ncas/current-activity/2016/09/14/Google-Releases-Security-Update-Chrome
Sep 14, 2016 - "Google has released Chrome version 53.0.2785.113 to address multiple vulnerabilities for Windows, Mac, and Linux. Exploitation of some of these vulnerabilities may allow an attacker to take control of an affected system..."

:fear::fear:

AplusWebMaster
2016-09-30, 21:06
FYI...

Chrome 53.0.2785.143 released
- https://googlechromereleases.blogspot.ca/2016/09/stable-channel-update-for-desktop_29.html
Sep 29, 2016 - "The stable channel has been updated to 53.0.2785.143 for Windows, Mac, and Linux. This will roll out over the coming days/weeks... This update includes -3- security fixes...
High CVE-2016-5177: Use after free in V8...
CVE-2016-5178: Various fixes from internal audits, fuzzing and other initiatives..."
___

- http://www.securitytracker.com/id/1036970
CVE Reference: CVE-2016-5177, CVE-2016-5178
Oct 6 2016
Fix Available: Yes Vendor Confirmed: Yes ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution: The vendor has issued a fix (53.0.2785.143)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/09/30/Google-Releases-Security-Update-Chrome
Sep 30, 2016

:fear:

AplusWebMaster
2016-10-13, 21:13
FYI...

Chrome 54.0.2840.59 released
- https://googlechromereleases.blogspot.com/2016/10/stable-channel-update-for-desktop.html
Oct 12, 2016 - "The Chrome team is delighted to announce the promotion of Chrome 54 to the stable channel - 54.0.2840.59 for Windows, Mac, and Linux. This will roll out over the coming days/weeks... This update includes -21- security fixes..."
High: CVE-2016-5181, CVE-2016-5182, CVE-2016-5183, CVE-2016-5184, CVE-2016-5185, CVE-2016-5187
___

- https://www.us-cert.gov/ncas/current-activity/2016/10/13/Google-Releases-Security-Update-Chrome
Oct 13, 2016

:fear:

AplusWebMaster
2016-11-03, 11:25
FYI...

Chrome 54.0.2840.87 released
- https://googlechromereleases.blogspot.com/2016/11/stable-channel-update-for-desktop.html
Nov 1, 2016 - "The stable channel has been updated to 54.0.2840.87 for Windows, Mac, and 54.0.2840.90 for Linux. This will roll out over the coming days/weeks..."
High CVE-2016-5198
___

- http://www.securitytracker.com/id/1037224
CVE Reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5198
Nov 4 2016
Impact: Not specified
Fix Available: Yes Vendor Confirmed: Yes
Solution: The vendor has issued a fix (54.0.2840.87 for Windows, Mac; 54.0.2840.90 for Linux)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/11/02/Google-Releases-Security-Updates-Chrome
Nov 2, 2016

:fear::fear:

AplusWebMaster
2016-11-11, 13:01
FYI...

Chrome 54.0.2840.99 released
- https://googlechromereleases.blogspot.com/search/label/Stable%20updates
Nov 9, 2016 - "The stable channel has been updated to 54.0.2840.99 for Windows and 54.0.2840.98 for Mac. Linux has additional changes in the pipeline and is planned to be pushed tomorrow. For all platforms this will roll out over the coming days/weeks...
This update includes -4- security fixes..."
High CVE-2016-5199
High CVE-2016-5200
___

- http://www.securitytracker.com/id/1037273
CVE Reference: CVE-2016-5199, CVE-2016-5200, CVE-2016-5201, CVE-2016-5202
Nov 11 2016
Fix Available: Yes Vendor Confirmed: Yes
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information on the target system.
Solution: The vendor has issued a fix (54.0.2840.99 for Windows; 54.0.2840.98 for Mac; 54.0.2840.100 on Linux)...
___

- https://www.us-cert.gov/ncas/current-activity/2016/11/10/Google-Releases-Security-Updates-Chrome
Nov 10, 2016

:fear::fear:

AplusWebMaster
2016-12-02, 12:12
FYI...

Chrome 55.0.2883.75 released
- https://googlechromereleases.blogspot.com/2016/12/stable-channel-update-for-desktop.html
Dec 1, 2016 - " The Chrome team is delighted to announce the promotion of Chrome 55 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 55.0.2883.75 contains a number of fixes and improvements... This update includes 36 security fixes..."
___

- https://www.us-cert.gov/ncas/current-activity/2016/12/01/Google-Releases-Security-Updates-Chrome
Dec 1, 2016

:fear::fear:

AplusWebMaster
2017-01-12, 20:23
FYI...

Chrome 55.0.2883.105 released
- https://chromereleases.googleblog.com/2017/01/stable-channel-update-for-chrome-os.html
Jan 10, 2017 - "The Stable channel has been updated to 55.0.2883.105 (Platform version: 8872.76.0) for all Chrome OS devices. This build contains a number of bug fixes and security updates. Systems will be receiving updates over the next several days..."

- https://krebsonsecurity.com/2017/01/adobe-microsoft-push-critical-security-fixes-9/
"... When in doubt with Chrome, click the vertical three dot icon to the right of the URL bar, select “Help,” then “About Chrome”: If there is an update available, Chrome should install it then. In either case, be sure to restart the browser after installing an update (if it doesn’t do that for you)..."
___

> https://it.slashdot.org/story/17/01/11/218254/latest-adobe-acrobat-reader-update-silently-installs-chrome-extension
Jan 11, 2017 - "The latest Adobe Acrobat Reader security update (15.023.20053), besides delivering security updates, also secretly installs the Adobe Acrobat extension in the user's Chrome browser. There is no mention of this "special package" on Acrobat's changelog, and surprise-surprise, the extension comes with anonymous-data-collection turned -on- by default..."
* https://www.bleepingcomputer.com/news/software/adobe-acrobat-reader-dc-update-installs-chrome-browser-extension/
Jan 11, 2017

:fear::fear:

AplusWebMaster
2017-01-26, 12:49
FYI...

Chrome 56.0.2924.76 released
- https://chromereleases.googleblog.com/
Jan 25, 2017 - "The Chrome team is delighted to announce the promotion of Chrome 56 to the stable channel - 56.0.2924.76 for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 56.0.2924.76 contains a number of fixes and improvements... This update includes -51- security fixes..."
___

- http://www.securitytracker.com/id/1037718
CVE Reference: CVE-2017-5006, CVE-2017-5007, CVE-2017-5008, CVE-2017-5009, CVE-2017-5010, CVE-2017-5011, CVE-2017-5012, CVE-2017-5013, CVE-2017-5014, CVE-2017-5015, CVE-2017-5016, CVE-2017-5017, CVE-2017-5018, CVE-2017-5019, CVE-2017-5020, CVE-2017-5021, CVE-2017-5022, CVE-2017-5023, CVE-2017-5024, CVE-2017-5025, CVE-2017-5026
Jan 26 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 56.0.2924.76 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can spoof the address bar and the user interface.
A remote user can access the target user's cookies (including authentication cookies), if any, associated with an arbitrary site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.
Solution: The vendor has issued a fix (56.0.2924.76)...
___

- https://www.us-cert.gov/ncas/current-activity/2017/01/25/Google-Releases-Security-Updates-Chrome
Jan 25, 2017

:fear::fear:

AplusWebMaster
2017-03-10, 03:13
FYI...

Chrome 57.0.2987.98 released
- https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop.html
Mar 9, 2017 - "The Chrome team is delighted to announce the promotion of Chrome 57 to the stable channel - 57.0.2987.98 for Windows, Mac and Linux... This update includes 36 security fixes..."
___

- https://www.us-cert.gov/ncas/current-activity/2017/03/09/Google-Releases-Security-Update-Chrome
Mar 9, 2017

:fear::fear:

AplusWebMaster
2017-03-30, 11:49
FYI...

Chrome 57.0.2987.133 released
- https://chromereleases.googleblog.com/2017/03/stable-channel-update-for-desktop_29.html
March 29, 2017 - "The stable channel has been updated to 57.0.2987.133 for Windows, Mac, and Linux...
This update includes 5 security fixes..."
___

- https://www.us-cert.gov/ncas/current-activity/2017/03/30/Google-Releases-Security-Updates-Chrome
March 30, 2017

:fear::fear:

AplusWebMaster
2017-04-20, 13:04
FYI...

Chrome 58.0.3029.81 released
- https://chromereleases.googleblog.com/2017/04/stable-channel-update-for-desktop.html
April 19, 2017 - "The Chrome team is delighted to announce the promotion of Chrome 58 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 58.0.3029.81 contains a number of fixes and improvements... This update includes -29- security fixes..."
___

- http://www.securitytracker.com/id/1038317
CVE Reference: CVE-2017-5057, CVE-2017-5058, CVE-2017-5059, CVE-2017-5060, CVE-2017-5061, CVE-2017-5062, CVE-2017-5063, CVE-2017-5064, CVE-2017-5065, CVE-2017-5066, CVE-2017-5067, CVE-2017-5069
Apr 20 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 58.0.3029.81 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass cross-origin restrictions on the target system.
A remote user can spoof a URL.
Solution: The vendor has issued a fix (58.0.3029.81)...
___

- https://www.us-cert.gov/ncas/current-activity/2017/04/19/Google-Releases-Security-Updates-Chrome
April 19, 2017

:fear:

AplusWebMaster
2017-05-03, 02:42
FYI...

Chrome 58.0.3029.96 released
- https://chromereleases.googleblog.com/2017/05/stable-channel-update-for-desktop.html
May 2, 2017 - "The stable channel has been updated to 58.0.3029.96 for Windows, Mac, and Linux... In order to improve stability, performance, and security, users who are currently on 32-bit version of Chrome, and 64-bit Windows with 4GB or more of memory and auto-update enabled will be automatically migrated to 64-bit Chrome during this update. 32-bit Chrome will still be available via the Chrome download page...
This update includes 1 security fix..."

- https://www.us-cert.gov/ncas/current-activity/2017/05/02/Google-Releases-Security-Updates-Chrome
May 02, 2017 - "Google has released Chrome version 58.0.3029.96 for Windows, Mac, and Linux. This version addresses a vulnerability that an attacker could exploit to cause a denial-of-service condition..."
___

Chrome 58.0.3029.110 released
- https://chromereleases.googleblog.com/2017/05/stable-channel-update-for-desktop_9.html
May 9, 2017 - "The stable channel has been updated to 58.0.3029.110 for Windows, Mac, and Linux..."

:fear::fear:

AplusWebMaster
2017-06-06, 14:20
FYI...

Chrome 59.0.3071.86 released
- https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop.html
June 5, 2017 - " The Chrome team is delighted to announce the promotion of Chrome 59 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 59.0.3071.86 contains a number of fixes and improvements... This update includes 30 security fixes..."
___

- https://www.us-cert.gov/ncas/current-activity/2017/06/06/Google-Releases-Security-Updates-Chrome
June 06, 2017
___

- http://www.securitytracker.com/id/1038622
CVE Reference: CVE-2017-5070, CVE-2017-5071, CVE-2017-5072, CVE-2017-5073, CVE-2017-5074, CVE-2017-5075, CVE-2017-5076, CVE-2017-5077, CVE-2017-5078, CVE-2017-5079, CVE-2017-5080, CVE-2017-5081, CVE-2017-5082, CVE-2017-5083, CVE-2017-5085, CVE-2017-5086
Jun 7 2017
Fix Available: Yes Vendor Confirmed: Yes
Version(s): prior to 59.0.3071.86 ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can spoof a URL.
Solution: The vendor has issued a fix (59.0.3071.86)...

:fear::fear:

AplusWebMaster
2017-06-16, 14:18
FYI...

Chrome 59.0.3071.104 released
- https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html
June 15, 2017 - "The stable channel has been updated to 59.0.3071.104 for Windows, Mac, and Linux. This will roll out over the coming days/weeks... This update includes 5 security fixes...

- http://www.securitytracker.com/id/1038765
CVE Reference: CVE-2017-5087, CVE-2017-5088, CVE-2017-5089
Jun 22 2017
Fix Available: Yes Vendor Confirmed: Yes ...
Impact: A remote user can bypass sandbox security controls on the target system.
A remote user can obtain potentially sensitive information on the target system.
A remote user can spoof a domain.
Solution: The vendor has issued a fix (59.0.3071.104)...
___

- https://www.us-cert.gov/ncas/current-activity/2017/06/15/Google-Releases-Security-Updates-Chrome
June 15, 2017
___

Chrome - Stable Channel Update for Desktop - 59.0.3071.115
- https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_26.html
June 26, 2017 - "The stable channel has been updated to 59.0.3071.115 for Windows, Mac, and Linux. This will roll out over the coming days/weeks..."

:fear::fear:

AplusWebMaster
2017-07-26, 23:20
FYI...

Chrome 60.0.3112.78 released
- https://chromereleases.googleblog.com/2017/07/stable-channel-update-for-desktop.html
July 25, 2017 - "... Chrome 60.0.3112.78 contains a number of fixes and improvements... This update includes -40- security fixes..."
___

- https://www.us-cert.gov/ncas/current-activity/2017/07/26/Google-Releases-Security-Updates-Chrome
July 26, 2017

:fear:

AplusWebMaster
2017-09-07, 02:41
FYI...

Chrome 61.0.3163.79 released
- https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop.html
Sep 5, 2017 - "... Chrome 61.0.3163.79 contains a number of fixes and improvements...
This update includes -22- security fixes..."
___

- http://www.securitytracker.com/id/1039291
CVE Reference: CVE-2017-5111, CVE-2017-5112, CVE-2017-5113, CVE-2017-5114, CVE-2017-5115, CVE-2017-5116, CVE-2017-5117, CVE-2017-5118, CVE-2017-5119, CVE-2017-5120
Sep 7 2017
Impact: Execution of arbitrary code via network, User access via network
Fix Available: Yes Vendor Confirmed: Yes ...
Impact: A remote user can create content that, when loaded by the target user, will execute arbitrary code on the target user's system.
A remote user can bypass security controls on the target system.
Solution: The vendor has issued a fix (61.0.3163.79)...
___

- https://www.us-cert.gov/ncas/current-activity/2017/09/06/Google-Releases-Security-Updates-Chrome
Sep 6, 2017

:fear::fear:

AplusWebMaster
2017-09-23, 00:10
FYI...

Chrome 61.0.3163.100 released
- https://chromereleases.googleblog.com/2017/09/stable-channel-update-for-desktop_21.html
Sep 21, 2017 - "The stable channel has been updated to 61.0.3163.100 for Windows, Mac and Linux which will roll out over the coming days/weeks... This update includes -3- security fixes..."

- http://www.securitytracker.com/id/1039497
CVE Reference: CVE-2017-5121, CVE-2017-5122
Oct 4 2017
Fix Available: Yes Vendor Confirmed: Yes ...
Version(s): prior to 61.0.3163.100 ...
Impact: A remote user can execute arbitrary code on the target system.
Solution: The vendor has issued a fix (61.0.3163.100)...
___

- https://www.us-cert.gov/ncas/current-activity/2017/09/22/Google-Releases-Security-Updates-Chrome
Sep 22, 2017

:fear::fear:

AplusWebMaster
2017-10-18, 22:06
FYI...

Chrome 62.0.3202.62 released
- https://chromereleases.googleblog.com/2017/10/stable-channel-update-for-desktop.html
Oct 17, 2017 - "The Chrome team is delighted to announce the promotion of Chrome 62 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 62.0.3202.62 contains a number of fixes and improvements... This update includes -35- security fixes..."
Labels: Stable updates
___

- https://www.us-cert.gov/ncas/current-activity/2017/10/18/Google-Releases-Security-Updates-Chrome
Oct 18, 2017

:fear::fear:

AplusWebMaster
2017-10-27, 14:07
FYI...

Chrome 62.0.3202.75 released
- https://chromereleases.googleblog.com/search/label/Stable%20updates
Oct 26, 2017 - "The stable channel has been updated to 62.0.3202.75 for Windows, Mac and Linux which will roll out over the coming days/weeks... This update includes 1 security fix..."
Labels: Stable updates
___

- https://www.us-cert.gov/ncas/current-activity/2017/10/26/Google-Releases-Security-Update-Chrome
Oct 26, 2017

:fear:

AplusWebMaster
2017-11-07, 02:34
FYI...

Chrome 62.0.3202.89 released
- https://chromereleases.googleblog.com/search/label/Stable%20updates
Nov 6, 2017 - "The stable channel has been updated to 62.0.3202.89 for Windows, Mac and Linux which will roll out over the coming days/weeks... This update includes -2- security fixes contributed by an external researcher..."
___

- https://www.us-cert.gov/ncas/current-activity/2017/11/06/Google-Releases-Security-Update-Chrome
Nov 6, 2017

:fear::fear:

AplusWebMaster
2017-12-07, 05:48
FYI...

Chrome 63.0.3239.84 released
- https://chromereleases.googleblog.com/2017/12/stable-channel-update-for-desktop.html
Dec 6, 2017 - " The Chrome team is delighted to announce the promotion of Chrome 63 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 63.0.3239.84 contains a number of fixes and improvements... This update includes 37 security fixes..."
___

- https://www.us-cert.gov/ncas/current-activity/2017/12/06/Google-Releases-Security-Update-Chrome
Dec 6, 2017

:fear::fear:

AplusWebMaster
2017-12-15, 12:24
FYI...

Chrome 63.0.3239.108 released
- https://chromereleases.googleblog.com/search/label/Stable%20updates
Dec 14, 2017 - "The stable channel has been updated to 63.0.3239.108 for Windows, Mac and Linux which will roll out over the coming days/weeks... This update includes 2 security fixes..."
___

- https://www.us-cert.gov/ncas/current-activity/2017/12/14/Google-Releases-Security-Update-Chrome
Dec 14, 2017

:fear::fear:

AplusWebMaster
2018-01-25, 15:57
FYI...

Chrome 64.0.3282.119 released
- https://chromereleases.googleblog.com/search/label/Stable%20updates
Jan 24, 2018 - "The Chrome team is delighted to announce the promotion of Chrome 64 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks... This update includes 53 security fixes..."
___

- https://www.us-cert.gov/ncas/current-activity/2018/01/24/Google-Releases-Security-Update-Chrome
Jan 24, 2018

:fear::fear:

AplusWebMaster
2018-03-08, 15:39
FYI...

Chrome 65.0.3325.146 released
- https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-desktop.html
Mar 6, 2018 - "The Chrome team is delighted to announce the promotion of Chrome 65 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 65.0.3325.146 contains a number of fixes and improvements... This update includes -45- security fixes..."
___

- https://www.us-cert.gov/ncas/current-activity/2018/03/06/Google-Releases-Security-Update-Chrome
Mar 6, 2018

:fear::fear: