Google · Google Chrome · CVE-2014-9689
**Name of the Vulnerable Software and Affected Versions**
Google Chrome versions prior to 41.0.2272.76
**Description**
The issue allows remote attackers to obtain speech signals from a device's physical environment via a crafted web site that listens for `ondeviceorientation` events. This is achieved by not properly restricting access to high-rate gyroscope data.
**Recommendations**
For versions prior to 41.0.2272.76, update to version 41.0.2272.76 or later to resolve the issue.