Chrome 78 Zero-Day Vulnerability Audit

Find Vulnerable Google Chrome Installations in Your Network

Two critical vulnerabilities have been patched by Google in their latest major Chrome release. The vulnerabilities affected Chrome's audio component (CVE-2019-13720) and the PDFium (CVE-2019-13721) library. The vulnerabilities can be quite easily exploited by convincing the user to visit a specially crafted website. Therefore it is critical that Chrome installations are updated as soon as possible. You can find more information about this vulnerability in the Google Chrome 78 zero-day blog post.

The audit below will give you a list of all devices with Chrome installation on them. Additionally, it shows whether those installations are on version 78.0.3904.87 or not so you can easily find machines that are out of date and pose a security risk. This way, you can update all the Google Chrome installations within your IT network before it is too late.

 

Google Chrome 78 Zero-day Vulnerability Query

Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.Domain,
  tsysAssetTypes.AssetTypename As AssetType,
  tblAssets.Username,
  tblAssets.Userdomain,
  tsysAssetTypes.AssetTypeIcon10 As icon,
  tblAssets.IPAddress,
  tblSoftwareUni.softwareName As Software,
  tblSoftware.softwareVersion As Version,
  tblSoftwareUni.SoftwarePublisher As Publisher,
  Case
    When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) > 78 Then
      'Up to date'
    When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 78 And
      Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) > 3904
    Then 'Up to date'
    When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 78 And
      Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) = 3904
      And Cast(SubString(tblSoftware.softwareVersion, 11, 4) As INT) >= 87 Then
      'Up to date'
    Else 'Out of date'
  End As [Patch Status],
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tsysOS.OSname As OS,
  tblAssets.SP,
  tblAssets.Lastseen,
  tblAssets.Lasttried,
  tblSoftware.Lastchanged,
  Case
    When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) > 78 Then
      '#d4f4be'
    When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 78 And
      Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) > 3904
    Then '#d4f4be'
    When Cast(SubString(tblSoftware.softwareVersion, 0, 3) As INT) = 78 And
      Cast(SubString(tblSoftware.softwareVersion, 6, 4) As INT) = 3904
      And Cast(SubString(tblSoftware.softwareVersion, 11, 4) As INT) >= 87 Then
      '#d4f4be'
    Else '#ffadad'
  End As backgroundcolor
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Inner Join tsysIPLocations On tsysIPLocations.LocationID =
    tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblSoftware On tblAssets.AssetID = tblSoftware.AssetID
  Inner Join tblSoftwareUni On tblSoftwareUni.SoftID = tblSoftware.softID
  Left Join tsysOS On tsysOS.OScode = tblAssets.OScode
Where tblSoftwareUni.softwareName Like '%Google Chrome%' And
  tblState.Statename = 'Active'

Audit and Take Action in 3 Easy Steps

1. Download & Install Lansweeper

3. Run the Audit & Take Action

Download Lansweeper to Run this Audit

Harness the Power of Reporting