Easy2Patch
  • Easy2Patch Blog
  • Weekly Statistics for 2025
    • Security Ratings
  • Supported Products
  • Silent Install Parameters
  • Domain List
  • Article Page
    • Weekly Statistics for 2024
  • Catalog Posts - 2025
    • May 24 Catalog Update #20250524 - Easy2Patch
    • May 17 Catalog Update #20250517 - Easy2Patch
    • May 10 Catalog Update #20250510 - Easy2Patch
    • May 3 Catalog Update #20250503 - Easy2Patch
    • April 26 Catalog Update #20250426 - Easy2Patch
    • April 19 Catalog Update #20250419 - Easy2Patch
    • April 12 Catalog Update #20250412 - Easy2Patch
    • April 5 Catalog Update #20250405 - Easy2Patch
    • March 29 Catalog Update #20250329 - Easy2Patch
    • March 22 Catalog Update #20250323 - Easy2Patch
    • March 15 Catalog Update #20250315 - Easy2Patch
    • March 8 Catalog Update #20250308 - Easy2Patch
    • New Products on Easy2Patch Catalog #20250308
    • March 1 Catalog Update #20250301 - Easy2Patch
    • February 22 Catalog Update #20250222 - Easy2Patch
    • February 15 Catalog Update #20250215 - Easy2Patch
    • February 8 Catalog Update #20250208 - Easy2Patch
    • February 1 Catalog Update #20250201 - Easy2Patch
    • January 25 Catalog Update #20250125 - Easy2Patch
    • January 18 Catalog Update #20250118 - Easy2Patch
    • January 11 Catalog Update #20250111 - Easy2Patch
    • January 4 Catalog Update #20250104 - Easy2Patch
  • Catalog Posts - 2024
    • December 28 Catalog Update #20241228 - Easy2Patch
    • December 21 Catalog Update #20241221 - Easy2Patch
    • December 14 Catalog Update #20241214 - Easy2Patch
    • December 7 Catalog Update #20241207 - Easy2Patch
    • November 30 Catalog Update #20241123 - Easy2Patch
    • November 23 Catalog Update #20241123 - Easy2Patch
    • November 16 Catalog Update #20241116 - Easy2Patch
    • November 9 Catalog Update #20241109 - Easy2Patch
    • November 2 Catalog Update #20241102 - Easy2Patch
    • October 26 Catalog Update #20241026 - Easy2Patch
    • October 19 Catalog Update #20241019 - Easy2Patch
    • October 12 Catalog Update #20241012 - Easy2Patch
    • October 5 Catalog Update #20241005 - Easy2Patch
    • September 28 Catalog Update #20240928 - Easy2Patch
    • September 21 Catalog Update #20240921 - Easy2Patch
    • September 14 Catalog Update #20240914 - Easy2Patch
    • September 7 Catalog Update #20240907 - Easy2Patch
    • August 31 Catalog Update #20240831 - Easy2Patch
    • August 24 Catalog Update #20240824 - Easy2Patch
    • August 17 Catalog Update #20240817 - Easy2Patch
    • August 10 Catalog Update #20240810 - Easy2Patch
    • August 3 Catalog Update #20240803 - Easy2Patch
    • July 27 Catalog Update #20240727 - Easy2Patch
    • July 20 Catalog Update #20240720 - Easy2Patch
    • July 13 Catalog Update #20240713 - Easy2Patch
    • July 6 Catalog Update #20240706 - Easy2Patch
    • June 29 Catalog Update #20240629 - Easy2Patch
    • June 22 Catalog Update #20240622 - Easy2Patch
    • June 15 Catalog Update #20240615 - Easy2Patch
    • June 8 Catalog Update #20240608 - Easy2Patch
    • June 1 Catalog Update #20240601 - Easy2Patch
    • May 25 Catalog Update #20240525 - Easy2Patch
    • May 18 Catalog Update #20240518 - Easy2Patch
    • May 11 Catalog Update #20240511 - Easy2Patch
    • May 4 Catalog Update #20240504 - Easy2Patch
    • April 27 Catalog Update #20240427 - Easy2Patch
    • April 20 Catalog Update #20240420 - Easy2Patch
    • April 13 Catalog Update #20240413 - Easy2Patch
    • April 6 Catalog Update #20240407 - Easy2Patch
    • March 30 Catalog Update #20240330 - Easy2Patch
    • March 23 Catalog Update #20240323 - Easy2Patch
    • March 16 Catalog Update #20240316 - Easy2Patch
    • March 9 Catalog Update #20240309 - Easy2Patch
    • March 2 Catalog Update #20240302 - Easy2Patch
    • February 24 Catalog Update #20240224 - Easy2Patch
    • February 17 Catalog Update #20240217 - Easy2Patch
    • February 10 Catalog Update #20240210 - Easy2Patch
    • February 3 Catalog Update #20240203 - Easy2Patch
    • January 27 Catalog Update #20240127 - Easy2Patch
    • January 20 Catalog Update #20240120 - Easy2Patch
    • January 13 Catalog Update #20240113 - Easy2Patch
    • January 6 Catalog Update #20240106 - Easy2Patch
  • Catalog Posts
    • December 30 Catalog Update #20231230 - Easy2Patch
    • December 23 Catalog Update #20231223 - Easy2Patch
    • December 16 Catalog Update #20231216 - Easy2Patch
    • December 9 Catalog Update #20231209 - Easy2Patch
    • December 2 Catalog Update #20231202 - Easy2Patch
    • November 25 Catalog Update #20231125 - Easy2Patch
    • November 18 Catalog Update #20231118 - Easy2Patch
    • November 11 Catalog Update #20231111 - Easy2Patch
    • November 04 Catalog Update #20231104 - Easy2Patch
    • Easy2Patch October 28 Catalog Update #20231028
    • Easy2Patch October 21 Catalog Update #20231021
    • Easy2Patch October 14 Catalog Update #20231014
    • Easy2Patch October 07 Catalog Update #20231007
    • Easy2Patch September 30 Catalog Update #20230930
    • Easy2Patch September 23 Catalog Update #20230923
    • Easy2Patch September 16 Catalog Update #20230916
    • Easy2Patch September 9 Catalog Update #20230909
    • Easy2Patch September 2 Catalog Update #20230902
    • Easy2Patch August 26 Catalog Update #20230826
    • Easy2Patch August 19 Catalog Update #20230819
    • Easy2Patch August 12 Catalog Update #20230812
    • Easy2Patch August 05 Catalog Update #20230805
    • Easy2Patch July 29 Catalog Update #20230729
    • Easy2Patch July 22 Catalog Update #20230722
    • Easy2Patch July 15 Catalog Update #20230715
    • Easy2Patch July 8 Catalog Update #20230708
    • Easy2Patch July 1 Catalog Update #20230701
    • Easy2Patch June 24 Catalog Update #20230624
    • Easy2Patch June 17 Catalog Update #20230617
    • Easy2Patch June 10 Catalog Update #20230610
    • Easy2Patch June 03 Catalog Update #20230603
    • Easy2Patch May 27 Catalog Update #20230527
    • Easy2Patch May 20 Catalog Update #20230520
    • Easy2Patch May 13 Catalog Update #20230513
    • Easy2Patch May 6 Catalog Update #20230506
    • Easy2Patch April 29 Catalog Update #20230429
    • Easy2Patch April 22 Catalog Update #20230422
    • Easy2Patch April 15 Catalog Update #20230415
    • Easy2Patch April 8 Catalog Update #20230408
    • Easy2Patch April 1 Catalog Update #20230401
    • Easy2Patch March 25 Catalog Update #20230325
    • Easy2Patch March 18 Catalog Update #20230318
    • Easy2Patch February 11 Catalog Update #20230211
    • Easy2Patch March 4 Catalog Update #20230304
    • Easy2Patch February 25 Catalog Update #20230225
    • Easy2Patch February 18 Catalog Update #20230218
    • Easy2Patch February 11 Catalog Update #20230211
    • Easy2Patch February 4 Catalog Update #20230204
    • Easy2Patch January 28 Catalog Update #20230128
    • Easy2Patch January 21 Catalog Update #20230121
    • Easy2Patch January 14 Catalog Update #20230114
    • Easy2Patch January 7 Catalog Update #20230107
  • New Products
    • Apache Tomcat 11 Now Available in the Easy2Patch Catalog!
    • Software added to the E2P catalog in June (#202406)
    • Software added to the E2P catalog in April (#202404)
    • Software added to the E2P catalog in August (#202308)
    • Software added to the E2P catalog in July (#202307)
    • Software added to the E2P catalog in June (#202306)
    • Software added to the E2P catalog in May (#202305)
    • Software added to the E2P catalog in April (#202304)
    • Softwares added to the E2P catalog in March (#202303)
    • Applications added to the E2P catalog in February (#202302)
  • Articles
    • CVE-2025-20236: Critical RCE Vulnerability in Cisco Webex & How to Stay Safe
    • What’s New and Improved in Firefox 137.0?
    • What’s New in Chrome 135 and Why You Should Update Now
    • Git for Windows 2.48.1 is the final version of 32-bit
    • TreeSize Free Windows Server Deployment Issue
    • Google Chrome 131.0.6778.204/205 Update Released
    • Msiexec.exe: Understanding and Using the Installer Tool
    • Password Safe 3.66.0 (x64/x86) (MSI) Failed to Install Error 1683
    • GPL Ghostscript Silent Install Removed
    • What is Easy2Patch?
    • Scan Microsoft ConfigMgr for Supported Third-Party Products for Patching (Update statistics)
    • Easy2Patch 1.x End Of Life
    • Schema files not found!
    • WSUS Maintenance
    • Most effective way to up to date 3rd party software in IT environment
    • Creating App Registrations for Easy2Patch
    • How to Save Time and Labor via Easy2Patch?
    • Adding an in-house application to the Easy2Patch catalog
    • Ransomwares And Defense Strategies
    • CVE-2023-2033 Google Chrome Zero-Day Vulnerability
    • Importance of Updating 3rd Party Applications
    • Local Publishing Maximum Cab Size Setting
    • What should be considered to use 3rd Party software safely?
    • What is a 3rd Party Product?
Powered by GitBook
On this page
  1. Articles

Importance of Updating 3rd Party Applications

Berat Yazturk

PreviousCVE-2023-2033 Google Chrome Zero-Day VulnerabilityNextLocal Publishing Maximum Cab Size Setting

Last updated 2 years ago

Why it is important to update third-party applications

With the help of using updated versions, patch potential vulnerabilities fast

The operating systems installed on our computers and the vulnerabilities of the applications running on those computers could create a security vulnerability at least as serious as external threats and viruses. Software vendors gives us the ability to fix the vulnerability by publishing new versions and patches. It is very important to use up-to-date versions of applications to avoid vulnerabilities that cause from older versions of them. Easy2Patch helps you fix these vulnerabilities by analyzing current versions and new patches of the applications and distributing them in a central manner.

Google Chrome Remote Code Execution vulnerability

Firstly, we start with preparing our test environment to see the effects of vulnerability in Google Chrome. We will use Kali machine to exploit the vulnerability and Windows 10 machine as the target.

Google Chrome version: v80.0.3987.87

CVE Code: CVE-2020-6418

CVE details link:

CVE explanation: These attacks potentially let an attacker to exploit heap corruption vulnerability by using an HTML page. Even though this vulnerability is patched by Google, it still exists in all V8 versions of Google Chrome version 80.0.3987.122 .

Preparation Phase

  • We first configure both Kali and Windows 10 machines such that they will be in the same network.

  • We install vulnerable Google Chrome version to our target machine.

  • We turn back to Kali machine and start Msfconsole

  • We search for the exploit named “chrome_js”

  • We will use this exploit to penetrate the system

  • We select the exploit by writing “use 0”

  • By writing “show options”, we fill the required information

    • At this point, first of all, we look for the ip address of my Kali machine

  • Then we start configuring our exploit

  • By typing “info” we can see under which operating systems this exploit can be used

  • Lastly, by selecting the target, we start the attack

  • Now, we enter the given url above in our Google Chrome on Windows 10 machine

  • After that, when we look at Kali machine, we will that we got a session successfully

  • At this point, we can see that we successfully penetrated the Windows 10 machine

Result

You can protect your machines by automating third party application update process with the help of Easy2Patch. Along with it, also, you can make update process easy and make your systems more secure by updating your applications for which we provide a detailed update catalogue.

Here, I give the ip address of my Kali machine
We start waiting on the Kali side. If the target visits the given url, we can get a meterpreter session.
As can be seen from that, hackers can not only steal information from browser but also hack the system by using this vulnerability.
https://nvd.nist.gov/vuln/detail/CVE-2020-6418