For all those of you who use Google Chrome, you’d probably be aware of one substantial gaping security flaw in the much-used browser. This error made it easy to launch zero-day attacks and was actively used during them. Now, however, Google has announced a new Chrome update that’ll make Mac, Windows, and Linux Chrome users immune to such attacks; at least the ones launched using this error.
The flaw developed due to a memory management error in Chrome’s FileReader API. It allows web apps to access local desktop files, making it easier for malicious code to be executed. This vulnerability is known as ‘use-after-free’.
The Updated Version
The March 1 Chrome update fixed the flaw named CVE-2019-5786. This new version 72.0.3626121 changes nothing in the browser except for fixing this security flaw. Hence, Google has urged all its users to make this update.
But while all Chrome users need to make this update, it’s a must for Windows users, as it is used for a more complex attack against Windows 7. It was discovered that both the Operating system and the Browsers had zero-day flaws at roughly the same time. In addition, when exploited together, they put the user at a very vulnerable position.
So, all you Chrome users out there, go update the browser, NOW! Because as they, precaution is better than cure!