Google urged Chrome users to update the new version immediately to fix the vulnerability

Immediately after reading this article, you must remember to update your Google Chrome immediately to the latest version!

Immediately after reading this article, you must remember to update your Google Chrome immediately to the latest version!

On March 6, security researcher Clement Lecigne of Google Threat Analysis Group discovered and reported a serious security vulnerability that appeared in Chrome around the end of last month, which could allow someone to arbitrary attacks execute remote code and simultaneously take complete control of targeted computers.

This vulnerability is named CVE-2019-5786, and directly affects the Chrome platform that works on all popular operating systems, from Windows, macOS, to Linux.

Google urged Chrome users to update the new version immediately to fix the vulnerability Picture 1Google urged Chrome users to update the new version immediately to fix the vulnerability Picture 1

  1. Supercomputers can completely detect cyber threats

The Threat Analysis Group has yet to disclose more technical details about this vulnerability, only to announce that this is essentially a use-after-free vulnerability that appears in Chrome's FileReader component, leads to remote code execution.

So what's more disturbing here? Google has warned that this zero-day RCE is being actively exploited by attackers to target Chrome users, especially those with high-end users who don't have much knowledge of security.

'Access to details and link errors can be restricted until most Chrome users are updated with a fix. In addition, we will also maintain restrictive measures if this error still exists in a third-party library that other similar projects are dependent on. The work is being urgently deployed by Google '.

FileReader is a standard API designed to allow synchronized web applications to read the content of files (or raw data buffers) stored on a user's computer, using "File" or "Blob" to specify the file or data object to read.

Google urged Chrome users to update the new version immediately to fix the vulnerability Picture 2Google urged Chrome users to update the new version immediately to fix the vulnerability Picture 2

  1. Windows 10 KB4482887 update is officially released with Specter patch

The use-after-free vulnerability is a type of memory-related error, causing the memory to be corrupted or allowing data to be modified in memory, making the user completely deprived of privileges on the system or affected software.

The use-after-free vulnerability in the FileReader component can allow non-privileged attackers to now gain important rights in the user's Chrome browser, helping them to get rid of measures. Protection from sandbox and arbitrary code execution on targeted systems.

Basically, to exploit this vulnerability, all the attacker needs to do is trick the victim into opening or redirecting to a specially designed website without any other interaction.

Google urged Chrome users to update the new version immediately to fix the vulnerability Picture 3Google urged Chrome users to update the new version immediately to fix the vulnerability Picture 3

  1. Install the patch immediately for Windows Server & Windows 10 to run IIS so that it will not be attacked by DOS

Google is calling all its users to update immediately to the latest version of Google Chrome 72.0.3626.121, released on March 1, 2019 for Windows, Mac and Linux operating systems. Google also mentioned that, manually updating Chrome, the patch is now available to all users.

5 ★ | 2 Vote