CVE-2019-5786: Vulnerability in Google Chrome, Patch Immediately
NEWS

CVE-2019-5786: Vulnerability in Google Chrome, Patch Immediately

Google Chrome has been found vulnerable to a zero-day vulnerability for which there may be an active exploit in the wild. The vulnerability in question is assigned the CVE-2019-5786 number, and fortunately, it has been patched.




All Chrome users are urged to update to the latest version of the browser to avoid attacks.

The vulnerability in question is assigned the CVE-2019-5786 number, and fortunately, it has been patched. All Chrome users are urged to update to the latest version of the browser to avoid attacks.

CVE-2019-5786 Technical Information

Google has not said much about the zero-day. “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed,” the company said in an announcement.

Related:
The recent rise of Spectre vulnerabilities that allows malicious code to hijack sensitive data is being addressed in the latest version Google Chrome
Google Chrome Mitigates Spectre Vulnerability Via Site Isolation

What is known about the vulnerability is that it affects the browser\s FileReader API. It is a use-after-free flaw that can allow attackers to escape the Chrome sandbox and carry out remote code execution attacks on vulnerable systems.

CVE-2019-5786 was reported by Clement Lecigne who is a researcher for Google Threat Analysis Group on February 27. The good news is that the vulnerability has been fixed in the latest desktop versions of Chrome as well as in the Android and Chrome OS systems.

That being said, desktop Chrome users should immediately upgrade to v72.0.3626.121, Android users to v72.0.3626.121, and Chrome OS users to v72.0.3626.122.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...