Search Engine Giant Warns To Update Google Chrome Due To Security Flaw

Update Google Chrome

Simon / Pixabay

The internet can sometimes be far from safe, especially when there are hackers who want to compromise our security. That said, Google Chrome has suffered active attacks in the last week, and now Google warns people to immediately update Google Chrome due to a security flaw known as CVE-2019-5786, or zero-day vulnerability.

According to ZDNet, updating the Chrome browser automatically fixed the issue with vulnerability, which is why it’s important for users to immediately check whether they are running the latest version, currently active 72.0.3626.121, preferably right after reading this article.

Google warned its users to update Google Chrome due to a security flaw via Google Chrome’s security lead and engineering director, Justin Schuh, who posted the warning on his Twitter account, saying it’s important to update “like right this minute.” If such a person posted something like that, then we can safely conclude that the flaw is real.

What is Zero-Day Vulnerability?

As explained on Forbes by Darvey Winder, zero-day vulnerability is a security flaw which was developed by hackers to harm your personal data, and thus your device. What makes this security flaw more prominent and harder to spot than others is that it takes effect before the ethical hackers or cyber security experts have actually detected them, leaving little to no time to fix the issue before too much damage is done.

The bad news is that the security flaw is already being exploited through older versions of Google Chrome. The good news, however, is that you can update Google Chrome and get rid of it for good.

There’s not much information about what CVE-2019-5786 precisely does at the moment, however Satnam Narang, a senior research engineer at Tenable described it on their website as “Use-After-Free (UAF) vulnerability in FileReader, an application programming interface (API) included in browsers to allow web applications to read the contents of files stored on a user’s computer.”

As ZDNet reports, there are malicious PDF files on the internet which are in use for exploiting the vulnerability.

“The PDF documents would contact a remote domain with information on the users’ device –such as IP address, OS version, Chrome version, and the path of the PDF file on the user’s computer,” it says in the report.

How to update Google Chrome?

To update Google Chrome due to the security flaw, open the browser and click “About Google Chrome,” which can be found in the Help section found in the drop-down menu along with bookmarks, history and other settings. Afterwards, Chrome will update automatically if there is a new version. While web browsers update automatically without an issue, it’s still good to check and be better safe than sorry.




About the Author

Danica Simic
Danica Simic has been writing ever since she was a child. Before she started writing for ValueWalk she was reviewing laptops, headphones and gaming equipment as well as writing articles about astronomy and game development. Danica is a student of applied and computational physics while also studying software and data engineering. Her hobbies include reading, swimming, drawing and gaming whenever she has free time. - Email her at dsimic@valuewalk.com