Google Patches Actively Exploited Chrome Zero-Day Flaw
Time to update your Google Chrome installations immediately to the latest version. Why the urgency? There is a zero-day vulnerability for Chrome that the Google Threat Analysis Group has determined is being actively exploited in the wild.
The vulnerability, assigned as CVE-2019-5786, affects the web browsing software for all major operating systems including Microsoft Windows, Apple macOS, and Linux.
Without revealing technical details of the vulnerability, the Chrome security team says the issue is a use-after-free vulnerability in the FileReader component of the Chrome browser, which leads to remote code execution attacks.
What’s more worrying? Google warned that this Zero-Day vulnerability is actively being exploited in the wild by attackers. Google Chrome’s security lead, Justin Schuh, has warned that users of the most popular web browser should update „like right this minute.“
The patch for the security vulnerability has already been rolled out to its users in a stable Chrome update 72.0.3626.121 for Windows, Mac, and Linux operating systems, which users may have already receive or will soon receive in the coming days.
Get A Report of All Vulnerable Chrome Installations
If you currently have Google Chrome deployed on your workstations, it’s pretty critical that you update it at the earliest opportunity to ensure that you don’t fall prey to this exploit.
Our custom color-coded report can tell you in no time which devices have a vulnerable Chrome version in place and need to be patched. Immediately patch all critical workstations with our custom deployment package.
If you haven’t already, start your free Lansweeper trial and get a list of all vulnerable Chrome versions in no time.