Google is urging Chrome users to replace the web browser right away to patch a 0-day vulnerability that is being actively exploited.
In a Tuesday tweet, Google Chrome Security and Desktop Engineering Lead Justin Schuh said users must install the browser’s latest version, seventy-two. Zero 3626.121—right away.
“Seriously, update your Chrome installs… Like right this minute,” he wrote.
Google began rolling out the patch for Chrome on Windows, Mac, and Linux on Friday. This week, Google revealed that the replacement corrects an “excessive” severity flaw—CVE-2019-5786—that has been under attack by cybercriminals.
“Google is aware of reports that make the most for CVE-2019-5786 exist in the wild,” the web giant said.
A member of Google’s Threat Analysis Group first said the worm on Feb. 27. At this point, information about the vulnerability is scant, as Google stated it is restricting access to malicious program information until most customers have set up the replacement.
As ZDNet notes, the vulnerability is “a memory control blunder in Google Chrome’s FileReader—a web API covered in all primary browsers that lets native apps study the contents of documents stored on the user’s computer.” The Trojan horse might also permit the execution of malicious code.
For the most part, Chrome updates are automated, meaning you don’t just do an awful lot beyond starting and closing the browser window. However, it can take some days to a complete week for every person to be routinely updated to the latest version. In this example, you need to manually trigger the replacement to ensure that you’re on the trendy model as quickly as possible.
