Re: Google Chrome Version 61.0.3163.79


Genciana Haggins

Jul 10, 2024, 7:49:46 PM
to skygseysilbai

Hi @gabe_verrault
We have detected the same problem. After the last scan 3 days ago, the number of vulnerabilities found has exploded. On many Windows 10 clients (LTSB and SAC) Google Chrome version 68.73.16498 was detected and accordingly 700+ vulnerabilities were reported per client. Interestingly, on both SCCM and Nexthink this result was confirmed. Meaning that version 68.73.16498 is installed on the clients. MDATP however says that version: 89.0.4389.114 or newer is installed. Also the direct check on the client showed that a new version is installed and not 68.73.16498. I will definitely create a support case today. We apparently have over a million Chrome vulnerabilities.
Regards
David

Are you guys using PatchMyPC to deploy Google Chrome? That is what we are using and from what I understand PatchMyPC used to modify the version number in the Chrome Enterprise Edition msi file. When I open the Chrome Enterprise Edition msi file for Chrome 91.0.4472.77 the version number reported in the MSI is 68.94.77.

Hello everyone
Support has confirmed to me that this Wednesday a fix will be implemented which will fix the problem with Google Chrome Vulns. Wanted to note this here briefly.
Best regards
David

The issue I stated earlier last week in regards to a known defect for which we will ship a release this week, on Wednesday June, 16th which will resolve the issue where we are inadvertently fingerprinting Google Chrome plugins as installations of Google Chrome thus causing False Positives in your environments.

Previously, the scan-engine and agent-based assessments only relied on the version of Chrome that was seen in the Windows Registry to make determinations about vulnerabilities. This was unreliable, as updates to (or removals of) Chrome could potentially not be reflected in the Registry and many customers reported back False Positives as a result and so we worked to change this fingerprinting methodology.

On June 2, we released a change such that instead of relying on versions in the Registry, the product now looks at the file path referenced in the Registry, and confirms the Chrome executable exists there, and uses that version instead when comparing to known affected versions of vulnerabilities. If the file does not exist we included the fall back method to still fingerprint from registry.

When it comes to Enterprise chrome installs we have to rely on the registry as an authority as the registry key itself provides no information on where the executable is located; we would have to search the entire file system to attempt to find the executable to confirm the version (why is there no yikes emoji here?) In other words, the most notable difference for us is the complete absence of an install location field, this means that we are not able to confirm the presence of the executable on disk as the registry key contains no information to point us towards its location. In a case like this we have to refer to the registry as an authority as if we do not we simply would have to assert that there is nothing present, entirely removing all fingerprinting for Enterprise Chrome.

Hello everyone
Short update from my side. Last Tuesday we scanned our entire network for vulnerabilities. The total number of Google Chrome vulnerabilities has decreased from 1.3 million to 370000. Which is a good sign that the fix has brought an improvement. Interestingly, there are still some Windows 10 clients that have an unusually high number of Google Chrome vulnerabilities. Here are a few screenshots from Rapid 7 and Microsoft 365 Defender.
In this example you can see that 3 clients have only 36 Google Chrome vulnerabilities and one client has 728 Google Chrome vulnerabilities. In this case, the outdated Chrome version 68.83.32980 is being displayed.

However, Microsoft Defender shows that this client also has version 90.0.4430.212 installed.

Hey all - hope everyone is doing well! I just wanted to let you know that for the workaround our team is developing for Enterprise Chrome we are currently estimated to have a fix out for the end of the month. This could absolutely shift (I hope earlier!!) as they go through testing but I will try my best to keep this thread updated for you all if it slips further for any reason. Have a great night!

Hi @andy_taylor
Thanks for the compliment. Since Rapid7 Nexpose does not offer any possibilities to create dashboards and the available reports are rather generic and cannot be optimally customized, I created a vulnerability dashboard using PowerBI.

The whole development took me quite a lot of time last year, but now all the effort has paid off. We in the SOC inform the system and application owners about the latest scan results, which they can then view in detail on the dashboard. For various reasons, we do not want to use insightVM at the moment.

To make sure you're protected by the latest security updates, Google Chrome can automatically update when a new version of the browser is available on your device. With these updates, you might sometimes notice that your browser looks different.

The browser saves your opened tabs and windows and reopens them automatically when it restarts. Your Incognito windows won't reopen when Chrome restarts. If you'd prefer not to restart right away, click Not now. The next time you restart your browser, the update will be applied.

Right now it looks like the version of JXBrowser we landed on for the other components breaks on-screen keyboard functionality in Workstation. I think they're planning to start working backwards from the newer version to see if they can find one that works for now.

Switching to a newer Chrome version would allow for this new pseudo-class to be used. This would make many new things possible and many already possible things much, much easier to achieve, most importantly without any JS, which would alleviate the need for having many little JS snippets running on every keystroke.

Yes, updating the Electron version is overdue. It will probably happen with the next larger public release. I guess it was not done this time because the developers were so busy with the new Canvas feature. Updating to the new Electron/Chrome version will also fix a lot of other pending bugs and quirks e.g. regarding font rendering on the Mac.

I am writing a script by using selenium. My problem is when the chrome has been automatically updated, my script is not working. So, my solution is learning the web chrome version (not driver) at the beginning and run the related chrome driver. So on my desktop I will keep all versions and run the correct one. But I could not find a solution to get the version of chrome. I would kindly appreciate any help! Thanks in advance!

If the driver is changing because the base images are changing, I wonder if a custom image would help here? One can create a Docker image containing the versions of things that are needed, and then stick with that until one decides that a new one is necessary.

The "m" just means that you have multiple versions of Chrome installed in C:\Users\username\AppData\Local\Google\Chrome\Application. You might have multiple versions of Chrome if you didn't download the latest version, but updated to it. The new version won't replace the old one, in case of installation failures. So in essence, when Chrome detects that you have more than one version of Chrome, it displays "m" after the version number in the [About Google Chrome] window.

You can just check the About Google Chrome as you already have and look for "beta" and "dev" version keywords. I'm running the latest beta channel version (on Windows 7) and my "About Google Chrome" window says "beta-m". An image of something similar to what you should see can be seen at How-To Geek

Hi All,
I have an extension attribute currently that checks for whether a certain extension in chrome is present. It works beautifully. I was wondering if anyone had a version check extension attribute handy or knew how to get one working.

I found this in a search, and have the exact same question. My extension attribute retrieves ALL installed chrome extensions. I'm looking to create a smart group based on the version of ONE of these extensions, and ignore the others. Is this a problem someone has solved already?

From what I can see from the one or two Google Chrome extensions I have installed, the version may show up within the path (a folder) to the json file itself. For example, something like nmmhkkegccagdldgiimedpiccmgmieda/1.0.0.4_1/manifest.json where the 1.0.0.4 is the version. The other extension I have installed follows this pattern as well. Something like this might work:

Here's a rough EA that should grab the Chrome Extension name (if available, some of the Google ones just have MSG_APP_NAME in the json, so not so useful) and the version of the extension, and print them together with the name of the user they are installed under.

Thanks for the reply @mm2270 . I have something very similar to this already, that returns all of extensions as a string. What I'm looking for, is an integer value return that I can do 'less than' comparisons on, for a specific plug in.

I would want to narrow this down further so the EA returns an integer value for a specific plug in. For example, I would want to look for Reddit Enhancement Suite, and the EA value would return 5.12.5

@thegooch49 Well, that can be done too. Example. With this, you would need to know the specific folder name that the Google Chrome Extension uses (I believe they are always the same per extension). You would plug that into the variable called "EXTENSION_DIR" and it should print just the version string for that plug-in, if it's installed.

In the above, I'm only looking in the logged in user's folder, but you could use a similar process to my first script that loops over all home directories. Unfortunately, if more than one user has that Extension installed, that would not give you a single integer like what you're looking for.
