Google Patches Actively Exploited Chrome Zero-Day Flaw
Time to update your Google Chrome installations immediately to the latest version. Why the urgency? Google issued an emergency update to address two vulnerabilities for Chrome, one of which is a Zero-Day flaw being actively exploited in the wild.
One of the worst nightmares for IT professionals became real for Google Engineers on Halloween night. They issued an urgent update for the browsers across all platforms to address not one but two security vulnerabilities.
With the release of Chrome 78.0.3904.87, Google is warning millions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which attackers are actively exploiting in the wild to hijack computers.
High-Severity 0-Day Exploit
The two high severity vulnerabilities are known as CVE-2019-13720 and CVE-2019-13721 and classed as „use-after-free“ vulnerabilities, which allow for a PC to be hijacked.
The actively exploited vulnerability was discovered by Kaspersky and has received the identifier CVE-2019-13720 and represents a use-aster-free bug in the audio component of the browser.
This is the second Chrome Zero-Day detected this year. Back in March, Google patched another Chrome Zero-Day (CVE-2019-5786).
Audit & Find All Vulnerable Chrome Installations
If you currently have Google Chrome deployed on your workstations, it’s pretty critical that you update it at the earliest opportunity to ensure that you don’t fall prey to this exploit.
Our color-coded Chrome Audit Report can tell you in no time which devices have a vulnerable Chrome version in place and need to be patched.
If you haven’t already, start your free Lansweeper trial and get a list of all vulnerable Chrome versions in no time.