New Google Chrome Zero-Day Vulnerability Found Actively Exploited in the Wild

[ March 07, 2019 ]

Security researcher Clement Lecigne of Google’s Threat Analysis Group discovered and reported a high severity vulnerability in Chrome late last month that could allow remote attackers to execute arbitrary code and take full control of the computers.

The vulnerability, assigned as CVE-2019-5786, affects the web browsing software for all major operating systems including Microsoft Windows, Apple macOS, and Linux

Without revealing technical details of the vulnerability, the Chrome security team only says the issue is a use-after-free vulnerability in the FileReader component of the Chrome browser, which leads to remote code execution attacks.

To exploit this vulnerability, all an attacker needs to do is tricking victims into just opening, or redirecting them to, a specially-crafted webpage without requiring any further interaction.

Cyber Security Tips:   

  • The patch for the security vulnerability has already been rolled out to its users in a stable Chrome update 72.0.3626.121 for Windows, Mac, and Linux operating systems, which users may have already receive or will soon receive in coming days.
  • Make sure your system is running the updated version of the Chrome web browser.

 


 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: