publish date :
2023-03-28
DESCRIPTION:
7 Vulnerabilities(CVE-2023-1528 to CVE-2023-1534) exist due to use-after-free error, Out-of-Bounds Read…etc. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger use-after-free error and execute arbitrary code on the target system.
AFFECTED RELEASES:
Google Chrome prior to 111.0.5563.110 (not inclued)
Microsoft Edge prior to 111.0.1661.54 (not inclued)
Brave prior to 1.49.128 (not inclued)
SOLUTION:
Upgrade to at least Google Chrome 111.0.5563.110 by following steps:
1. Open the Google Chrome browser.
2. Enter “chrome://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Chrome.
3. After Chrome is updated, click the “RELAUNCH” option to restart Chrome and complete the update.
Upgrade to at least Microsoft Edge 111.0.1661.54 by following steps:
1. Open the Microsoft Edge browser.
2. Enter “edge://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Edge.
3. After Edge is updated, click the “RELAUNCH” option to restart Edge and complete the update.
Upgrade to at least Brave 1.49.128 by following steps:
1. Open the Brave browser.
2. Enter “brave://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Brave.
3. After Brave is updated, click the “RELAUNCH” option to restart Brave and complete the update.
REFERENCE:
1. https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop_21.html?m=1
2. https://www.cybersecurity-help.cz/vdb/SB2023032501
3. https://brave.com/latest/
4. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-1528
5. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-1529
6. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-1530
7. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-1531
8. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-1532
9. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-1533
10. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-1534