The Broadband Guide
SG
search advanced
 Username:
 Password:
Register
 forgot password?

Latest Chrome update plugs a zero-day hole

2019-03-07 17:15 by
Tags: ,

 

A critical security flaw inside Chrome is being used by hackers and could allow them to break into people's computers. The bug is already being exploited.

Google described the security flaw as a memory management error in Google Chrome's FileReader - a web API included in all major browsers that lets web apps read the contents of files stored on the user's computer.

More specifically, the bug is a use-after-free vulnerability, a type of memory error that happens when an app tries to access memory after it has been freed/deleted from Chrome's allocated memory. An incorrect handling of this type of memory access operation can lead to the execution of malicious code.

The vulnerability (CVE-2019-5786) affects Windows, Linux, Android, ChromeOS, and macOS builds of Chrome. A fix for the flaw has been shipped with the latest desktop (Windows, Mac, Linux) and Android Chrome versions, as well as that for Chrome OS. Desktop Chrome users are urged to upgrade to v72.0.3626.121, Android users to v72.0.3626.121, and Chrome OS users to v72.0.3626.122.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About