If you haven’t updated google chrome on your computer to the latest version, you might want to do that now. Security researcher Clement Lecigne from Google, discovered and reported a severe vulnerability last month that when exploited, allowed for threat actors to execute arbitrary code to gain access to targeted computer.
The vulnerability (CVE-2019-5786) has been identified to impact all operating systems including Mac OSX, Windows, and Linux. The issue has been identified from the report that it is a use-after-free vulnerability within the FileReader component, which is a type of memory corruption flaw that refers to an attempt to access memory after it has been freed. The FileReader is an API that can be found in all major browsers that lets web apps read the contents of files stored in the user’s computer. Google is withholding the technical details as the identified vulnerability is currently being exploited by threat actors targeting Chrome users. To exploit this particular vulnerability, the threat actors entices their victims to a click a link or otherwise be re-directed to a compromised websites.
The patch for this vulnerability has already been rolled out from Google for users to update. To better protect yourself, make sure to check if your Chrome is up-to-date with update 72.0.3626.121.