Google urged Chrome users to update to the new version immediately to fix the vulnerability
As soon as you finish reading this article, remember to update Google Chrome to the latest version!
On March 6, security researcher Clement Lecigne of Google's Threat Analysis Group discovered and reported a serious security vulnerability that appeared in Chrome around the end of last month, which could allow an attacker to execute arbitrary code remotely and take complete control of targeted computers.
The vulnerability is tracked as CVE-2019-5786 and directly affects Chrome on all popular operating systems: Windows, macOS and Linux.
The Threat Analysis Group has yet to disclose more technical details about this vulnerability, announcing only that it is a use-after-free vulnerability in Chrome's FileReader component that leads to remote code execution.
What is more disturbing? Google has warned that this zero-day RCE is being actively exploited by attackers to target Chrome users, especially high-end users who do not have much knowledge of security.
'Access to details and link errors can be restricted until most Chrome users are updated with a fix. In addition, we will also maintain restrictive measures if this error still exists in a third-party library that other similar projects are dependent on. The work is being urgently deployed by Google.'
FileReader is a standard API designed to allow synchronized web applications to read the content of files (or raw data buffers) stored on a user's computer, using "File" or "Blob" to specify the file or data object to read.
A use-after-free vulnerability is a type of memory-related error that corrupts memory or allows data in memory to be modified, which can completely deprive the user of their privileges on the affected system or software.
The use-after-free vulnerability in the FileReader component can allow unprivileged attackers to gain important rights in the user's Chrome browser, helping them escape sandbox protections and execute arbitrary code on targeted systems.
Basically, to exploit this vulnerability, all the attacker needs to do is trick the victim into opening, or being redirected to, a specially crafted website, without any other interaction.
Google is calling on all its users to update immediately to the latest version, Google Chrome 72.0.3626.121, released on March 1, 2019 for Windows, Mac and Linux. Google also mentioned that the patch is now available to all users by manually updating Chrome.