{"id":236355,"date":"2020-10-07T13:03:00","date_gmt":"2020-10-07T11:03:00","guid":{"rendered":"https:\/\/www.borncity.com\/blog\/?p=236355"},"modified":"2020-10-07T13:11:32","modified_gmt":"2020-10-07T11:11:32","slug":"google-chrome-86-0-4240-75-erschienen","status":"publish","type":"post","link":"https:\/\/borncity.com\/blog\/2020\/10\/07\/google-chrome-86-0-4240-75-erschienen\/","title":{"rendered":"Google Chrome 86.0.4240.75 erschienen"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Chrome.jpg\" \/>[<a href=\"https:\/\/borncity.com\/win\/2020\/10\/07\/google-chrome-86-0-4240-75-erschienen\/\" target=\"_blank\" rel=\"noopener noreferrer\">English<\/a>]Google hat am 6. Oktober 2020 ein neues Update des Google Chrome-Browsers f\u00fcr den Desktop (Linux, macOS, Windows) ver\u00f6ffentlicht, das den Browser auf die Version 86.0.4240.75 hebt. Es ist ein Haupt-Update auf den 86er Zweig, das neben Bugfixes auch 35 Schwachstellen schlie\u00dft.<\/p>\n<p><!--more--><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg07.met.vgwort.de\/na\/409ff811ab6a4f96ae7f381ef9954a96\" alt=\"\" width=\"1\" height=\"1\" \/>Der Chrome 86.0.4240.75 f\u00fcr den Desktop enth\u00e4lt eine Reihe an Fixes (siehe <a href=\"https:\/\/chromium.googlesource.com\/chromium\/src\/+log\/85.0.4183.121..86.0.4240.75?pretty=fuller&amp;n=10000\" target=\"_blank\" rel=\"noopener noreferrer\">Changelog<\/a>). Einen Google Blog-Beitrag zu den Neuerungen habe ich nicht gefunden. Bei heise l\u00e4sst sich aber in diesem Artikel nachlesen, was sich ge\u00e4ndert hat. Im Google-Blog gibt es <a href=\"https:\/\/chromereleases.googleblog.com\/2020\/10\/stable-channel-update-for-desktop.html\" target=\"_blank\" rel=\"noopener noreferrer\">diesen Beitrag<\/a>, der sich mit den geschlossenen Schwachstellen befasst.<\/p>\n<ul>\n<li>[$N\/A][1127322] Critical CVE-2020-15967: Use after free in payments. Reported by Man Yue Mo of GitHub Security Lab on 2020-09-11<\/li>\n<li>[$5000][1126424] High CVE-2020-15968: Use after free in Blink. Reported by Anonymous on 2020-09-09<\/li>\n<li>[$500][1124659] High CVE-2020-15969: Use after free in WebRTC. Reported by Anonymous on 2020-09-03<\/li>\n<li>[$N\/A][1108299] High CVE-2020-15970: Use after free in NFC. Reported by Man Yue Mo of GitHub Security Lab on 2020-07-22<\/li>\n<li>[$N\/A][1114062] High CVE-2020-15971: Use after free in printing. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-08-07<\/li>\n<li>[$TBD][1115901] High CVE-2020-15972: Use after free in audio. Reported by Anonymous on 2020-08-13<\/li>\n<li>[$TBD][1133671] High CVE-2020-15990: Use after free in autofill. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30<\/li>\n<li>[$TBD][1133688] High CVE-2020-15991: Use after free in password manager. Reported by Rong Jian and Guang Gong of Alpha Lab, Qihoo 360 on 2020-09-30<\/li>\n<li>[$15000][1106890] Medium CVE-2020-15973: Insufficient policy enforcement in extensions. Reported by David Erceg on 2020-07-17<\/li>\n<li>[$7500][1104103] Medium CVE-2020-15974: Integer overflow in Blink. Reported by Juno Im (junorouse) of Theori on 2020-07-10<\/li>\n<li>[$7500][1110800] Medium CVE-2020-15975: Integer overflow in SwiftShader. Reported by Anonymous on 2020-07-29<\/li>\n<li>[$7500][1123522] Medium CVE-2020-15976: Use after free in WebXR. Reported by YoungJoo Lee(@ashuu_lee) of Raon Whitehat on 2020-08-31<\/li>\n<li>[$5000][1083278] Medium CVE-2020-6557: Inappropriate implementation in networking. Reported by Matthias Gierlings and Marcus Brinkmann (NDS Ruhr-University Bochum) on 2020-05-15<\/li>\n<li>[$5000][1097724] Medium CVE-2020-15977: Insufficient data validation in dialogs. Reported by Narendra Bhati (https:\/\/twitter.com\/imnarendrabhati) on 2020-06-22<\/li>\n<li>[$5000][1116280] Medium CVE-2020-15978: Insufficient data validation in navigation. Reported by Luan Herrera (@lbherrera_) on 2020-08-14<\/li>\n<li>[$5000][1127319] Medium CVE-2020-15979: Inappropriate implementation in V8. Reported by Avihay Cohen @ SeraphicAlgorithms on 2020-09-11<\/li>\n<li>[$3000][1092453] Medium CVE-2020-15980: Insufficient policy enforcement in Intents. Reported by Yongke Wang(@Rudykewang) and Aryb1n(@aryb1n) of Tencent Security Xuanwu Lab (\u817e\u8baf\u5b89\u5168\u7384\u6b66\u5b9e\u9a8c\u5ba4\uff09 on 2020-06-08<\/li>\n<li>[$3000][1123023] Medium CVE-2020-15981: Out of bounds read in audio. Reported by Christoph Guttandin on 2020-08-28<\/li>\n<li>[$2000][1039882] Medium CVE-2020-15982: Side-channel information leakage in cache. Reported by Luan Herrera (@lbherrera_) on 2020-01-07<\/li>\n<li>[$N\/A][1076786] Medium CVE-2020-15983: Insufficient data validation in webUI. Reported by Jun Kokatsu, Microsoft Browser Vulnerability Research on 2020-04-30<\/li>\n<li>[$TBD][1080395] Medium CVE-2020-15984: Insufficient policy enforcement in Omnibox. Reported by Rayyan Bijoora on 2020-05-07<\/li>\n<li>[$N\/A][1099276] Medium CVE-2020-15985: Inappropriate implementation in Blink. Reported by Abdulrahman Alqabandi, Microsoft Browser Vulnerability Research on 2020-06-25<\/li>\n<li>[$N\/A][1100247] Medium CVE-2020-15986: Integer overflow in media. Reported by Mark Brand of Google Project Zero on 2020-06-29<\/li>\n<li>[$N\/A][1127774] Medium CVE-2020-15987: Use after free in WebRTC. Reported by Philipp Hancke on 2020-09-14<\/li>\n<li>[$N\/A][1110195] Medium CVE-2020-15992: Insufficient policy enforcement in networking. Reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2020-07-28<\/li>\n<li>[$500][1092518] Low CVE-2020-15988: Insufficient policy enforcement in downloads. Reported by Samuel Attard on 2020-06-08<\/li>\n<li>[$N\/A][1108351] Low CVE-2020-15989: Uninitialized Use in PDFium. Reported by Gareth Evans (Microsoft) on 2020-07-22<\/li>\n<\/ul>\n<p>Hinzu kommen verschiedene Fixes, die das Entwicklerteam intern gefunden hat. Eine Interpretation der Schwachstellen findet sich <a href=\"https:\/\/www.heise.de\/news\/35-Sicherheitsluecken-in-Chrome-geschlossen-4923009.html\" target=\"_blank\" rel=\"noopener noreferrer\">hier<\/a>.<\/p>\n<p>Die Chrome-Version f\u00fcr Windows, Mac und Linux wird in den n\u00e4chsten Tagen \u00fcber die automatische Update-Funktion auf die Systeme ausgerollt. Sie k\u00f6nnen diese Build aber auch <a href=\"https:\/\/www.google.com\/intl\/de_de\/chrome\/\" target=\"_blank\" rel=\"noopener noreferrer\">hier herunterladen<\/a>. Updates f\u00fcr Edge, Vivaldi und weitere Clones sollten ebenfalls (ggf. in den kommenden Tagen) verf\u00fcgbar sein.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[English]Google hat am 6. Oktober 2020 ein neues Update des Google Chrome-Browsers f\u00fcr den Desktop (Linux, macOS, Windows) ver\u00f6ffentlicht, das den Browser auf die Version 86.0.4240.75 hebt. Es ist ein Haupt-Update auf den 86er Zweig, das neben Bugfixes auch 35 &hellip; <a href=\"https:\/\/borncity.com\/blog\/2020\/10\/07\/google-chrome-86-0-4240-75-erschienen\/\">Weiterlesen <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1356,426,185],"tags":[406,4328,4315],"class_list":["post-236355","post","type-post","status-publish","format-standard","hentry","category-google-chrome-internet","category-sicherheit","category-update","tag-chrome","tag-sicherheit","tag-update"],"_links":{"self":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/236355","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/comments?post=236355"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/posts\/236355\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/media?parent=236355"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/categories?post=236355"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/blog\/wp-json\/wp\/v2\/tags?post=236355"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}