Google has revealed that there is a zero-day vulnerability in its chrome browser which attackers are actively exploiting. Google released a patch on March 1 to fix the problem without publicizing the fact. The upshot is that you need to update Google Chrome as soon as possible.
The bug tagged as CVE-2019-5786, was originally discovered by Clement Lecigne of Google’s Threat Analysis Group on Wednesday, February 27th and is currently under active attack. What makes the security vulnerability different from previous exploits is that the browser needs to be restarted for the fix to take effect. The attackers can use this vulnerability to execute a Remote Code Execution or RCE and to ensure safety, ensure you are updated to the latest version 72.0.3626.121 that comes with the fix.
The vulnerability allegedly allows malicious code to escape Chrome’s security sandbox and run commands on the underlying OS. Those using the browser on a Windows OS are in for double the trouble as Google revealed that the bug was being used in concert with a second vulnerability in the system. The issue may impact those running windows 7 32-bit systems.
If you are still using the old system, it is recommended to move to a newer version of the OS or install the security patches.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
