Notification

Icon
Error

Google Chrome Arbitrary Code Execution Vulnerability

Posted: Thursday, May 31, 2018 3:29:49 PM(UTC)
Esben.D

Esben.D

Member Administration Original PosterPosts: 1,565
4
Like
A new vulnerability has been discovered in Google Chrome. Web pages designed to utilize this vulnerability can allow for an attacker to perform arbitrary code executions in context of the browser. This can allow the retrieval of information, security bypasses and denial-of-service vulnerability.

All Google Chrome versions prior to 67.0.3396.62 are vulnerable and should be updated.

You can either download the Google Chrome Enterprise bundle for deployment on your network or simply let users update and restart their Google chrome by following these instructions.

To discover all assets with a Google Chrome version that is vulnerable, you can add and run the report below in your Lansweeper installation. Instructions on how to run this report in Lansweeper can be found in this forum post.

Code:
Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tblAssets.Username,
  tblAssets.Userdomain,
  Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
  tblAssets.IPAddress,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tsysOS.OSname As OS,
  tblAssets.SP,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  tblSoftwareUni.softwareName As Software,
  tblSoftware.softwareVersion As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tblSoftware.Lastchanged
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
  Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
  Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName = 'Google Chrome' And
  tblSoftware.softwareVersion Not Like '67.%' And tblState.Statename = 'Active'
Order By tblAssets.Domain,
  tblAssets.AssetName,
  Software
Esben.D
#1Esben.D Member Administration Original PosterPosts: 1,565  
posted: 5/31/2018 3:35:48 PM(UTC)
Feel free to discuss this topic in the related Reports forum topic.

Active Discussions

Lansweeper LSAgent has forgotten x64 Windows applications
by  cycleheat   Go to last post Go to first unread
Last post: Yesterday at 7:18:12 PM(UTC)
Lansweeper Performance scanning - incorrect values
by  Richard_Lan  
Go to last post Go to first unread
Last post: Yesterday at 4:26:02 PM(UTC)
Lansweeper Windows firewall rules
by  pryan67   Go to last post Go to first unread
Last post: Yesterday at 2:56:52 PM(UTC)
Lansweeper Run outside of our domain?
by  pryan67  
Go to last post Go to first unread
Last post: Yesterday at 2:53:05 PM(UTC)
Lansweeper Add logic to certain ticket submission
by  Esben.D   Go to last post Go to first unread
Last post: Yesterday at 1:02:46 PM(UTC)
Lansweeper Avast scanning still failing
by  Esben.D  
Go to last post Go to first unread
Last post: Yesterday at 12:59:17 PM(UTC)
Lansweeper History deleting daily
by  Esben.D   Go to last post Go to first unread
Last post: Yesterday at 12:46:08 PM(UTC)
Lansweeper Initial Ticket State Status
by  John M  
Go to last post Go to first unread
Last post: 4/23/2019 5:37:30 PM(UTC)