Published: Fri, March 08, 2019
Industry | By Jeannie Evans

Google Reveals Zero-Day Exploit In Chrome: How To Fix Your Browser

Google Reveals Zero-Day Exploit In Chrome: How To Fix Your Browser

"I wonder which one will get more attention?" he said before adding the following: "Also, seriously, update your Chrome installs. like right this minute".

Lecigne described the Windows 7 zero-day as "a local privilege escalation in the Windows win32k.sys kernel driver that can be used as a security sandbox escape".

Chrome updates itself automatically, though if you leave your PC and browser running all the time, you may see a little green icon alerting you that a browser restart is required to apply the update.

The version of Google Chrome that you want to have installed to ensure protection from this vulnerability is 72.0.3626.121 (or later).


A warning by Justin Schuh comes in a form of a #PSA or a "Public Service Announcement", according to the engineer, while Google explained that "access to bug details and links may be kept restricted until a majority of users are updated with a fix".

Always make sure your browsers, software programs, and computer operating systems are up-to-date in order to best protect yourself from vulnerabilities.

As ZDNet notes, the vulnerability is "a memory management error in Google Chrome's FileReader-a web API included in all major browsers that lets web apps read the contents of files stored on the user's computer". Google has acknowledged the existence of exploits using this vulnerability already existing in the wild.

Google saw the Windows vulnerability in targeted attacks, chained with a zero-day vulnerability (CVE-2019-5786) in Chrome browser that received a patch on March 1 with the release of version 72.0.3626.121. It's not safe to venture out there alone (or at least without the latest browser updates).

Like this: