Google to users: Immediately update Chrome because the current version is under threat of cyber attack

If you haven't updated your Chrome to latest version 72.0.3626.121, chances are you may be at the risk of a cyber attack. Google is asking Chrome users to immediately update the browser to the latest Chrome version via an auto-update which was released last week by the company. While the company's changelog didn't mention of any fix then, Google has revised the announcement now to inform that the released update was rather a fix for a vulnerability CVE-2019-5786.
" To remediate the Chrome vulnerability (CVE-2019-5786), Google released an update for all Chrome platforms on March 1; this update was pushed through Chrome auto-update. We encourage users to verify that Chrome auto-update has already updated Chrome to 72.0.3626.121 or later," the company notes on its blog post.

Google says that the vulnerability has been patched in the latest Chrome version but that doesn't necessarily mean that your system is safe from the bug. To ensure that you are running the safe version of the Chrome, go to help and click on about Google Chrome. It will tell you the Chrome version that you are using. If the version is 72.0.3626.121 or above, this means you the issue has been fixed by Google.
Google says that it is aware of an exploit for CVE-2019-5786 that exists in the wild. Justin Schuh, Security and Desktop engineer at Google, in a series of tweets, explained the exploit and said it is different from the past vulnerabilities as it targets Chrome code directly which requires users to restart the browser after the update was downloaded. For most users the update download is automatic, but restart is a usually a manual action.

The bug was first spotted on February 27 by one of Google's Threat Analysis Group member. The vulnerability affects the browser's file reading API called FileReader. It allows web apps to
was related to an error in the way that Chrome uses memory, as part of a tool called FileReader which allows web apps to read the content of files stored on a computer. This could be used by malicious minds to get access to people's sensitive files.



Popular posts from this blog

How a cyber attack hampered Hong Kong protesters

Former FARC guerrilla, Colombian cop pose naked together to promote peace deal

‘Not Hospital, Al-Shifa is Hamas Hideout & HQ in Gaza’: Israel Releases ‘Terrorists’ Confessions’ | Exclusive