We’re aware of multiple vulnerabilities that have been discovered in Google ChromeOS, the most severe of which could allow a remote attacker to conduct arbitrary code execution. Depending on the privileges associated with the targeted user, an attacker could install programs, view, change, or delete data or create new accounts with full user rights.
Systems impacted:
- ChromeOS versions prior to 116.0.5845.120 (Platform version: 15509.63.0)
Google has released a patch and we recommend updating your systems as such. Please refer to the Center for Internet Security advisory for other mitigation advice and further updates on these vulnerabilities.