This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Zero Day vulnerability in Google Chrome (CVE-2019-13720, CVE-2019-13721 )

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Zero Day vulnerability in Google Chrome (CVE-2019-13720, CVE-2019-13721 )

SahulH
L3 Networker

‎11-04-2019 12:38 AM

Hi Team,

 

Anyone know which Content Update (released or upcoming) might contain a mitigation for CVE-2019-13720, CVE-2019-13721

 

Refer the below link for Vulnerability details:
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-google-chrome-could-allow-for-arbitr...

 

Best Regards,

Sahul Hameed

0 Likes Likes
8 REPLIES 8

Remo
L7 Applicator

‎11-04-2019 04:39 AM

Hi @SahulH 

So far there is no vulnerability protection signature for these two CVEs. May be tomorrow when the new content update should be released there will be one but I really don't know if and when there will be a signature. Paloalto normally does not share this kind of information prior to release, but you could ask this question to support to may be get an answer.

kpolly
L1 Bithead
In response to Remo

‎11-04-2019 10:01 AM

Does anyone know if Palo Alto has released any signatures yet?  Cisco releases theirs on 11/2.  

0 Likes Likes

S.Cantwell
Cyber Elite
Cyber Elite
In response to kpolly

‎11-04-2019 11:01 AM

@kpolly 

 

If you do a "Check Now" for your Dynamic Updates, you will see if PANW has released anything.

Do you have your Dynamics Updates scheduled (for Threats) to check every hour?

You may want to consider this.

 

If you only check 1x per week, you may be missing emergency updates.

 

What other questions can we answer for you?

Help the community: Like helpful comments and mark solutions
0 Likes Likes

kpolly
L1 Bithead
In response to S.Cantwell

‎11-04-2019 11:16 AM

Hi Steve,

 

Thank you for the info.  My team (security team) does not manage the Palo(our Network Team does).  Is there a website that I can visit that will provide me a list of the signatures that are available from Palo Alto so we can easily see if there is a signature for this zero day?  We want to verify that if there is a sig that it has been applied. 

 

Thank you

 

Karyn

0 Likes Likes

Remo
L7 Applicator
In response to kpolly

‎11-04-2019 11:22 AM

Hi @kpolly 

 

As soon as an update becomes available you should see it here: https://treatvault.paloaltonetworks.com (if you search for the CVE number)

0 Likes Likes

kpolly
L1 Bithead
In response to Remo

‎11-04-2019 12:02 PM

Thank you!

0 Likes Likes

SahulH
L3 Networker
In response to S.Cantwell

‎11-11-2019 09:44 PM

@S.Cantwell 

 

Hi Team,

 

For this Vulnerability i have opened up a TAC case and Palo Alto Threat team is waiting for a public PoC that was not yet found so far for our threat researcher to have enough details to produce a signature.

 

Best Regards,

Sahul Hameed

0 Likes Likes

Remo
L7 Applicator
In response to SahulH

‎12-17-2019 11:27 AM

FYI: With the emergency content update 8218 released today, there is now a vulnerability signature for CVE-2019-13720.

0 Likes Likes
  • 7926 Views
  • 8 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks