SUSE has released security updates to address vulnerabilities in xen. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged to review SUSE Security Advisory and apply necessary updates.

Advisory No: TZCERT/SA/2021/04/15

Date of First Release: 15^th April 2021

Source: Google 

Software Affected: Google Chrome (Desktop version) prior to 89.0.4389.128

Overview:

The vulnerability is caused by insufficient validation of untrusted input in google chrome’s V8 javascript rendering engine.

Description:

A remote attacker could entice a user to open a web page with specially crafted content on a vulnerable browser to exploit the vulnerability. An attacker could view, change, or delete data depending on the application’s privileges.

The impact of the exploitation depends on user rights assigned to the system. Exploitation will be less severe if few users rights are set on the system than that configured with administrative rights.

Impact:

Successful exploitation of these vulnerabilities could lead to remote code execution on the affected system.

Solution:

Google has issued security updates to address the affected products. Users and administrators are advised to apply necessary updates on Google Chrome.

References:

1. https://chromereleases.googleblog.com/2021/04/stable-channel-update-for-desktop.html
2. https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitrary-code-execution_2021-047/

Microsoft has released security updates to address vulnerabilities to its multiple products. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged to review Microsoft Release Note and apply necessary updates.

Google has released security updates to address vulnerabilities in Chrome prior to 89.0.4389.128. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged to review Chrome Release Page and apply necessary updates.

Adobe has released security updates to address vulnerabilities in Adobe Photoshop, Bridge, RoboHelp and Digital Editions. Exploitation of these vulnerabilities may allow an attacker to take control of affected system.

Users and administrators are encouraged to review Adobe Security Advisories and apply necessary updates.