1 mins read — Jan 25, 2018

Electron 2.10.2 hotfix release


by Louise Message

Electron 2.10.2 hotfix release

Today we released a hotfix for the Rocket.Chat desktop client.

This fixes some vulnerabilities found on Chrome (CVE-2017-5124) and Electron (CVE-2018-1000006).

We urge users to update their Rocket.Chat desktop client to the latest version as these bugs can be exploited for remote code execution which can result in stolen data and system compromise.

If you are a developer and maintain a forked version of Rocket.Chat please ensure to update your dependencies.

Please consult Rocket.Chat.Electron for more information.

If you have any questions, concerns or require advice please contact security@rocket.chat or chat to us on https://open.rocket.chat/channel/support.

Special thanks to rmetzler for reporting both vulnerabilities found in the Rocket.Chat repository.

unsplash-logoRobert Zunikoff

Share article

Related Articles View all