Fil9

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 27.0.1453.116 Google Chrome OS versions prior to 27.0.1453.116 **Description** The issue allows remote attackers to obtain sensitive information from a machine's physical environment via a clickjacking attack. This is demonstrated by an attack using a crafted Cascading Style Sheets (CSS) opacity property, which exploits the Flash plug-in's failure to properly determine whether a user wishes to permit camera or microphone access by a Flash application. **Recommendations** For Google Chrome versions prior to 27.0.1453.116, update to version 27.0.1453.116 or later. For Google Chrome OS versions prior to 27.0.1453.116, update to version 27.0.1453.116 or later.