9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
0.005 Low
EPSS
Percentile
75.3%
The Stable channel has been updated to 62.0.3202.74 (Platform version: 9901.54.0/1) for most* Chrome OS devices. This build contains a number of bug fixes and security updates. Systems will be receiving updates over the next several days.
New Features
[762671] This update includes fixes for the KRACK vulnerabilities (CVE-2017-13077 to 13082, 13084, 13086 to 13088).
[$100,000][766253] Critical: Persistent code execution on Chrome OS. Reported by Anonymous on 2017-09-18
[$TBD][777215] High CVE-2017-15400: CRLF and code injection in printer zeroconfig. Reported by Rory McNamara on 2017-10-22
[$500][627300] Low CVE-2017-15397: Use of plaintext network protocols in ChromeVox. Reported by Nightwatch Cybersecurity Research on 2016-07-12
We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.
If you find new issues, please let us know by visiting our forum or filing a bug. Interested in switching channels? Find out how. You can submit feedback using 'Report an issueβ¦' in the Chrome menu (3 vertical dots in the upper right corner of the browser).
Bernie Thompson
Google Chrome
*Devices with the Play Store, as well as AOpen Chromebase Commercial and AOpen Chromebox Commercial will be rolling out over the next few days.
CPE | Name | Operator | Version |
---|---|---|---|
chrome os | lt | 62.0.3202.74 |
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
0.005 Low
EPSS
Percentile
75.3%