Google Releases New Chrome Stable Version - 20240725003

Overview

The WA SOC has been made aware of the release of Google Chrome stable versions. These are critical to mitigate multiple vulnerabilities discovered in Google Chrome that in the most severe case would allow a threat actor to perform arbitrary code execution.

What is vulnerable?

Product(s) Affected	Version(s)	CVE
Google Chrome	all versions below 127.0.6533.72 for Windows all versions below 127.0.6533.73 for Mac all versions below 127.0.6533.72 for Linux	CVE-2024-6988 CVE-2024-6989 CVE-2024-6991 CVE-2024-6992 CVE-2024-6993 CVE-2024-6994 CVE-2024-6995 CVE-2024-6996 CVE-2024-6997 CVE-2024-6998 CVE-2024-6999 CVE-2024-7000 CVE-2024-7001 CVE-2024-7003 CVE-2024-7004 CVE-2024-7005

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of 1 month (refer Patch Management):

• Google: https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html

Reference

• Center for Internet Security: https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitrary-code-execution_2024-084