Rewterz

Rewterz Threat Alert – Emotet is Back from Holiday

January 20, 2020
Rewterz

Rewterz Threat Alert – STOP (djvu) Ransomware Actively Spread

January 20, 2020

Rewterz Threat Advisory – Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

Severity

High

Analysis Summary

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could result in arbitrary code execution.

Use-after-free in speech recognizer (CVE-2020-6378, CVE-2020-6379)
Extension message verification error (CVE-2020-6380)
Protections to mitigate Windows ECC certificate validation vulnerability CVE-2020-0601 (CVE-2020-0601)

Impact

Arbitrary Code Execution

Affected Vendors

Google

Affected Products

  • Google Chrome Canary
  • Google Chrome versions prior to 79.0.3945.130

Remediation

Update to latest version of Google chrome.

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.