1 min read

Update your Chrome browser now! 0-day actively exploited in the wild

Filip TRUȚĂ

March 07, 2019

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Update your Chrome browser now! 0-day actively exploited in the wild

Google has released a new stable version of its Internet surfing software equipped with a patch for a zero-day vulnerability reportedly being exploited in the wild. The flaw can allow an attacker to gain full access to the victim”s machine.

Last month, Clement Lecigne of Google’s Threat Analysis Group revealed that Chrome suffered a “use-after-free” vulnerability (CVE-2019-5786) in the FileReader component of the Chrome browser. FileReader is an API that lets web applications asynchronously read the contents of files (or raw data buffers) on the user’s computer, using File or Blob objects to specify the file or data to read. A bad actor leveraging the use-after-free flaw can perform remote code execution attacks.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google says in a blog post. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven”t yet fixed.”

The Internet giant says it is aware of reports that an exploit for this vulnerability exists in the wild. The flaw is present in all desktop versions of Chrome (Windows, macOS, Linux).

As Google itself said, the technicalities are still under tight wraps until enough people apply the patch, which can be found in the Help menu – About Google Chrome. If you don”t know where that is, just paste this path – chrome://settings/help – in your browser”s URL bar and hit Enter. At the end of the updating process, your browser should be at version 72.0.3626.121 or higher. Get patching!

tags


Author



Right now

Top posts

The Holiday Guide to Tech Support: Fixing the Family Computer

The Holiday Guide to Tech Support: Fixing the Family Computer

November 24, 2021

2 min read
Bitdefender Celebrates 20 Years of Cybersecurity Leadership

Bitdefender Celebrates 20 Years of Cybersecurity Leadership

November 04, 2021

3 min read
Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

Bitdefender Study Reveals How Consumers Like (and Dislike) Managing Passwords

October 26, 2021

3 min read
What are drive-by download attacks and how do you prevent them?

What are drive-by download attacks and how do you prevent them?

October 25, 2021

2 min read
Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

Criminals Can't Wait to Add Your IoT Device to Their DDoS Networks

October 22, 2021

2 min read
Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

Six in 10 Consumers Faced a Cyber Threat in 2021, New Bitdefender Study Reveals

October 20, 2021

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Chrome 96 Gets 22 More Security Fixes with New Incremental Update Chrome 96 Gets 22 More Security Fixes with New Incremental Update
Filip TRUȚĂ

December 08, 2021

1 min read
Most Employees Believe Passwords Affect Their Productivity, Research Finds Most Employees Believe Passwords Affect Their Productivity, Research Finds
Silviu STAHIE

December 06, 2021

1 min read
US State Department iPhones Infected with Pegasus Spyware – Report US State Department iPhones Infected with Pegasus Spyware – Report
Filip TRUȚĂ

December 06, 2021

2 min read