Google urges users to download and install the latest Chrome update ASAP

Google Warns Users of Two Zero Day Vulnerabilities in Chrome

Google Warns Users of Two Zero Day Vulnerabilities in Chrome

If Google Chrome is bugging you to update it right now, please stop what you're doing, and get that upgrade. The reason he is sounding the alarm is because the latest update to Chrome mitigates a zero-day security hole labeled as CVE-2019-5786. At this point, details of the vulnerability are scant, as Google said it's restricting access to bug details until a majority of users have installed the update. The vulnerability identified by Google allows malicious code to leave Chrome's security environment and run commands on the underlying OS.

The company said in a blog post that it is "aware" that a zero-day exploit for Chrome "exists in the wild". The exploit, known as CVE-2019-5786, is said to be a use-after-free flaw in the browser's FileReader application programming interface, an API created to allow the browser to access and read locally stored files.

Google has urged all its users to immediately update to the latest version of Google Chrome after a critical vulnerability was discovered. If the update hasn't already rolled out to you, you should manually check for it.

Romelu Lukaku on best Man Utd goal run since Cristiano Ronaldo
Pogba will be back in action for the quarter finals, and United will certainly not fear any other side after tonight's result. Speaking to BT Sport following the match, Rashford and Lukaku were soon joined by a jubilant Pogba .

Chrome updates itself automatically, though if you leave your PC and browser running all the time, you may see a little green icon alerting you that a browser restart is required to apply the update. ZDnet reports that the hack exploited a security flaw named CVE-2019-5786, a patch to this issue was included in a version of Chrome released on March 1st; the version number was 72.0.3626.121.

Potential attackers can employ maliciously crafted web pages created to allow them to use previously-freed memory on a visitor's computer via the Chrome FileReader API to execute arbitrary code and take over the device or trigger a denial of service condition.

Recommended News

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.