Notification

Icon
Error

Google Chrome Arbitrary Code Execution Vulnerability

Posted: Thursday, May 31, 2018 3:29:49 PM(UTC)
Esben.D

Esben.D

Member Administration Original PosterPosts: 1,310
4
Like
A new vulnerability has been discovered in Google Chrome. Web pages designed to utilize this vulnerability can allow for an attacker to perform arbitrary code executions in context of the browser. This can allow the retrieval of information, security bypasses and denial-of-service vulnerability.

All Google Chrome versions prior to 67.0.3396.62 are vulnerable and should be updated.

You can either download the Google Chrome Enterprise bundle for deployment on your network or simply let users update and restart their Google chrome by following these instructions.

To discover all assets with a Google Chrome version that is vulnerable, you can add and run the report below in your Lansweeper installation. Instructions on how to run this report in Lansweeper can be found in this forum post.

Code:
Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tblAssets.Username,
  tblAssets.Userdomain,
  Coalesce(tsysOS.Image, tsysAssetTypes.AssetTypeIcon10) As icon,
  tblAssets.IPAddress,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tsysOS.OSname As OS,
  tblAssets.SP,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  tblSoftwareUni.softwareName As Software,
  tblSoftware.softwareVersion As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  tblSoftware.Lastchanged
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
  Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
  Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName = 'Google Chrome' And
  tblSoftware.softwareVersion Not Like '67.%' And tblState.Statename = 'Active'
Order By tblAssets.Domain,
  tblAssets.AssetName,
  Software
Esben.D
#1Esben.D Member Administration Original PosterPosts: 1,310  
posted: 5/31/2018 3:35:48 PM(UTC)
Feel free to discuss this topic in the related Reports forum topic.

Active Discussions

Lansweeper Mozilla Firefox Remote Execution Vulnerability
by  Esben.D   Go to last post Go to first unread
Last post: 10/5/2018 12:33:36 PM(UTC)
Lansweeper Lansweeper 7 Released
by  Esben.D  
Go to last post Go to first unread
Last post: 9/19/2018 1:33:10 PM(UTC)
Lansweeper MEGA Chrome Extension Vulnerability
by  Esben.D   Go to last post Go to first unread
Last post: 9/6/2018 1:25:43 PM(UTC)
Lansweeper Intel Foreshadow Vulnerability
by  Esben.D  
Go to last post Go to first unread
Last post: 8/20/2018 1:54:28 PM(UTC)
Lansweeper 2018 Sysadmin Day Giveaway
by  Esben.D   Go to last post Go to first unread
Last post: 8/3/2018 9:37:51 AM(UTC)
Lansweeper Our New Website is Live!
by  Esben.D  
Go to last post Go to first unread
Last post: 7/4/2018 2:08:16 PM(UTC)
Lansweeper TLBleed Vulnerability
by  Esben.D   Go to last post Go to first unread
Last post: 6/26/2018 2:29:32 PM(UTC)
Lansweeper Google Chrome Arbitrary Code Execution Vulnerability
by  Esben.D  
Go to last post Go to first unread
Last post: 5/31/2018 3:35:48 PM(UTC)