Skip to main content
Teralax
Participant
October 17, 2017
Answered

CVE-2017-11292 / APSB17-32 question

  • October 17, 2017
  • 1 reply
  • 568 views

On the bulletin page it says this vulnerability exists in version 27.0.0.159 for Chrome and Desktop.  It doesn't say prior versions so if we are running 27.0.0.130 for Chrome and Desktop are we ok?  I was skipping .159 because it wasn't a security update. 

    This topic has been closed for replies.
    Correct answer jeromiec83223024

    You should upgrade to 27.0.0.170. 

    1 reply

    jeromiec83223024
    jeromiec83223024Correct answer
    Inspiring
    October 17, 2017

    You should upgrade to 27.0.0.170. 

    Teralax
    TeralaxAuthor
    Participant
    October 18, 2017

    Ok then.   Was it you that updated the document to now say earlier versions?  Thanks for the reply.

    jeromiec83223024
    Inspiring
    October 18, 2017

    We have a dedicated product security group that manages that documentation.  It usually includes "and below" to avoid any confusion.  It was probably just a quickly corrected oversight.  I started to rationalize why it might be that way, but figured it was better to just be unequivocal about what should happen.