Google released an update that fixes a critical vulnerability (CVE-2019-5786) in the Chrome browser, which is already actively exploited by attackers. The problem, which allows to remotely execute code on the system, affects versions of Internet-browser for all major desktop platforms — Microsoft Windows, Apple macOS and Linux.
The engineers of the company has not disclosed details about the vulnerability. We only know that it is a vulnerability use-after-free in the component FileReader. Additional information experts promised to publish later, when most users will install the update.
“The details of the vulnerability and links may be restricted for as long as most users will not install the update. The restrictions will remain in force if the bug concerns a third-party library used by other projects, but not yet fixed”, — stated in the team blog Chrome.
Eliminates a security vulnerability the patch included in the stable version of Chrome 72.0.3626.121 for Windows, Mac and Linux, which users could already receive or will receive in the coming days.
We will remind, earlier in Chrome, discovered another zero-day vulnerability. Yet it remains uncorrected.
Read more •••