{"id":4931,"date":"2023-12-01T23:29:31","date_gmt":"2023-12-01T15:29:31","guid":{"rendered":"https:\/\/aict.nkust.edu.tw\/digitrans\/?p=4931"},"modified":"2023-12-16T23:30:26","modified_gmt":"2023-12-16T15:30:26","slug":"google-chrome-%e7%b7%8a%e6%80%a5%e6%8e%a8%e5%87%ba-0-day-%e6%bc%8f%e6%b4%9e%e6%9b%b4%e6%96%b0","status":"publish","type":"post","link":"https:\/\/aict.nkust.edu.tw\/digitrans\/?p=4931","title":{"rendered":"Google Chrome \u7dca\u6025\u63a8\u51fa 0-day \u6f0f\u6d1e\u66f4\u65b0"},"content":{"rendered":"\n

\u767c\u5e03\u55ae\u4f4d:TWCERT\/CC \u66f4\u65b0\u65e5\u671f:2023-12-01<\/p>\n\n\n\n

Google \u65bc\u8fd1\u65e5\u91dd\u5c0d Chrome \u700f\u89bd\u5668\u4e2d\u7684\u4e00\u500b 0-day \u6f0f\u6d1e CVE-2023-6345 \u767c\u8868\u7dca\u6025\u66f4\u65b0\uff0c\u5ee3\u5927 Google Chrome \u4f7f\u7528\u8005\u5747\u61c9\u7acb\u5373\u66f4\u65b0\u700f\u89bd\u5668\u3002\u9019\u662f Google Chrome \u4eca\u5e74\u7b2c\u516d\u500b\u88ab\u767c\u73fe\u7684 0-day \u6f0f\u6d1e\u3002<\/p>\n\n\n\n

\u9019\u500b 0-day \u6f0f\u6d1e CVE-2023-6345 \u5b58\u65bc Skia \u958b\u6e90 2D \u7e6a\u5716\u7a0b\u5f0f\u5eab\u4e2d\uff0c\u5c6c\u65bc\u6574\u6578\u6ea2\u4f4d\u932f\u8aa4\uff1b\u99ed\u4fb5\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u4f86\u8a98\u767c\u7cfb\u7d71\u5d29\u6f70\uff0c\u9032\u800c\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\u3002\u8a72\u6f0f\u6d1e\u6240\u5728\u7684 Skia \u7e6a\u5716\u5f15\u64ce\u7a0b\u5f0f\u5eab\uff0c\u540c\u6a23\u4e5f\u4f7f\u7528\u65bc\u591a\u7a2e\u8edf\u9ad4\u5982 ChromeOS\u3001Android \u8207 Flutter \u4e2d\u3002<\/p>\n\n\n\n

\u8a72\u6f0f\u6d1e\u662f\u7531 Google Threat Analysis Group (Google TAG) \u65d7\u4e0b\u7684\u8cc7\u5b89\u5c08\u5bb6\u6240\u767c\u73fe\uff1bGoogle TAG \u9577\u671f\u4ee5\u4f86\u5c31\u64c5\u65bc\u767c\u73fe\u5404\u7a2e 0-day \u6f0f\u6d1e\uff1b\u800c\u8a72\u55ae\u4f4d\u767c\u73fe\u7684 0-day \u6f0f\u6d1e\uff0c\u7d93\u5e38\u6703\u906d\u5230\u99ed\u4fb5\u5718\u9ad4\u7528\u65bc\u653b\u64ca\u5404\u7a2e\u91cd\u8981\u4eba\u58eb\u3002<\/p>\n\n\n\n

Google \u4e5f\u5728\u76f8\u95dc\u8cc7\u5b89\u901a\u5831\u4e2d\u6307\u51fa\uff0c\u8a72\u516c\u53f8\u5df2\u63a5\u7372 CVE-2023-6345 \u5df2\u906d\u99ed\u4fb5\u8005\u5ee3\u6cdb\u7528\u65bc\u653b\u64ca\u6d3b\u52d5\u7684\u60c5\u8cc7\u3002\u9019\u500b\u6f0f\u6d1e\u7684 CVSS \u5371\u96aa\u7a0b\u5ea6\u8a55\u5206\u70ba 8.8 \u5206\uff08\u6eff\u5206\u70ba 10 \u5206\uff09\uff0c\u5371\u96aa\u7a0b\u5ea6\u8a55\u7d1a\u70ba\u300c\u9ad8\u300d(High)\u3002<\/p>\n\n\n\n

\u9019\u500b\u6f0f\u6d1e\u5c0d\u6240\u6709\u5e73\u53f0\u7684 Google Chrome \u90fd\u9020\u6210\u5f71\u97ff\uff0c\u5305\u62ec Windows\u3001macOS \u548c Linux \u5e73\u53f0\uff1bGoogle \u4e5f\u5df2\u5728 Stable Desktop channel \u4e2d\u63a8\u51fa\u66f4\u65b0\uff0c\u4f7f\u7528\u61c9\u7acb\u5373\u5728 Chrome \u4e2d\u9078\u53d6\u66f4\u65b0\u529f\u80fd\uff0c\u5c07\u5176 Chrome \u700f\u89bd\u5668\u66f4\u65b0\u5230 Windows \u7248 119.0.6045.199\/.200\u3001macOS \u8207 Linux \u7248\u66f4\u65b0\u81f3 119.0.6045.199\u3002<\/p>\n\n\n\n

\u5efa\u8b70 Chrome \u4f7f\u7528\u8005\u61c9\u7acb\u5373\u5c07 Chrome \u700f\u89bd\u5668\u66f4\u65b0\u5230 Windows \u7248 119.0.6045.199\/.200\u3001macOS \u8207 Linux \u7248\u66f4\u65b0\u81f3 119.0.6045.199\u3002<\/p>\n\n\n\n

\u8cc7\u6599\u4f86\u6e90\uff1ahttps:\/\/www.twcert.org.tw\/tw\/cp-104-7561-c0ae1-1.html<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

\u767c\u5e03\u55ae\u4f4d:TWCERT\/CC \u66f4\u65b0\u65e5\u671f:2023-12-01 Google \u65bc\u8fd1\u65e5\u91dd\u5c0d Chrome \u700f\u89bd\u5668\u4e2d\u7684\u4e00\u500b 0-day \u6f0f\u6d1e CVE-2023-6345 \u767c\u8868\u7dca\u6025\u66f4\u65b0\uff0c\u5ee3…<\/p>\n","protected":false},"author":9,"featured_media":4561,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[352],"tags":[204],"class_list":["post-4931","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-information-security","tag-204"],"gutentor_comment":0,"jetpack_featured_media_url":"https:\/\/i0.wp.com\/aict.nkust.edu.tw\/digitrans\/wp-content\/uploads\/2023\/10\/391231016173591431-e1697778641439.png?fit=899%2C674&ssl=1","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/posts\/4931","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4931"}],"version-history":[{"count":1,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/posts\/4931\/revisions"}],"predecessor-version":[{"id":4932,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/posts\/4931\/revisions\/4932"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=\/wp\/v2\/media\/4561"}],"wp:attachment":[{"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4931"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4931"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aict.nkust.edu.tw\/digitrans\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4931"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}