Today we released a hotfix for the Rocket.Chat desktop client.This fixes some vulnerabilities found on Chrome (CVE-2017-5124) and Electron (CVE-2018-1000006).We urge users to update their Rocket.Chat desktop client to the latest version as these bugs can be exploited for remote code execution which can result in stolen data and system compromise.If you are a developer and maintain a forked version of Rocket.Chat please ensure to update your dependencies.Please consult Rocket.Chat.Electron for more information.If you have any questions, concerns or require advice please contact security@rocket.chat or chat to us on https://open.rocket.chat/channel/support.Special thanks to rmetzler for reporting both vulnerabilities found in the Rocket.Chat repository.
Get started with Rocket.Chat’s secure collaboration platform
Talk to sales
Frequently asked questions about <anything>
- Digital sovereignty
- Federation capabilities
- Scalable and white-labeled
- Highly scalable and secure
- Full patient conversation history
- HIPAA-ready
- Secure data governance and digital sovereignty
- Trusted by State, Local, and Federal agencies across the world
- Matrix federation capabilities for cross-agency communication
%201.svg)
- Open source code
- Highly secure and scalable
- Unmatched flexibility
- End-to-end encryption
- Cloud or on-prem deployment
- Supports compliance with HIPAA, GDPR, FINRA, and more
- Supports compliance with HIPAA, GDPR, FINRA, and more
- Highly secure and flexible
- On-prem or cloud deployment
