Emergency !! Hackers Exploited Active Google Chrome Zero-day in Wide – Update Chrome Now


Google announced an emergency warning about active Google Chrome zero-day vulnerability that exploited in wide and urged users to update the chrome immediately.

Source: gbhackers

Currently, the exploit is rapidly used by hackers and they continue to compromise Google Chrome users to gain complete control of the victim’s system.

This severe bug was reported by Clement Lecigne, of Google’s Threat Analysis Group on 2019-02-27 since the Google worked for the patch and finally, they released an emergency update with fixes for this Active zero-day vulnerability.

Google employees urged their online followers to update all their Chrome browser to 72.0.3626.121 for Windows, Mac, and Linux.

Parisa Tabriz

@laparisa

Update yo’ @googlechrome!

Ben Hawkes@benhawkes

“Google is aware of reports that an exploit for CVE-2019-5786 exists in the wild.” — https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html … (another discovery by @_clem1)

76 people are talking about this

Justin Schuh 🗑@justinschuh

Last week we got to deal with a real 0day chain and a faux 0day at the same time. I wonder which one will get more attention? 🤔 https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html 

Stable Channel Update for Desktop

The stable channel has been updated to 72.0.3626.121 for Windows, Mac, and Linux,   which will roll out over the coming days/weeks. Secur…

chromereleases.googleblog.com

Justin Schuh 🗑@justinschuh

Also, seriously, update your Chrome installs… like right this minute.

232 people are talking about this

This Chrome zero-day Vulnerability ( CVE-2019-5786 ) mainly affected the Chrome browser’s FileReader API, that allows attackers to perform remote code execution by escaping the Chrome sandbox.

The FileReader API lets web applications asynchronously read the contents of files (or raw data buffers) stored on the user’s computer.

In this case, Zerodium Founder Chaouki Tweets that, “Google discovered a Chrome RCE #0day in the wild (CVE-2019-5786). Reportedly, a full chain with a sandbox escape”

Chaouki Bekrar

@cBekrar

Google discovered a Chrome RCE in the wild (CVE-2019-5786). Reportedly, a full chain with a sandbox escape: https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html 

In 2019, I expect epic 0days to be found in the wild: Android, iOS, Windows, Office, virtualization, and more. Stay safe and enjoy the show.

Stable Channel Update for Desktop

The stable channel has been updated to 72.0.3626.121 for Windows, Mac, and Linux,   which will roll out over the coming days/weeks. Secur…

chromereleases.googleblog.com

150 people are talking about this

All the users are strictly recommended to update your Chrome browser to newly released version Chrome update 72.0.3626.121

Newly updated Version

Google states in their update that “the stable channel has been updated to 72.0.3626.121 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.”

Google did not reveal more details about this vulnerability and also said, “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed “

Take a moment to check you are running the latest Chrome here else follow the step to update your browser in order to prevent from this active exploit in wide.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: