Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
| From | RS Wood <rsw@therandymon.com> |
|---|---|
| Newsgroups | comp.misc |
| Subject | Active Google Chrome exploit |
| Date | 2019-03-10 20:44 -0400 |
| Organization | solani.org |
| Message-ID | <tjnglf-blp.ln1@rasp.therandymon.com> (permalink) |
From the «this post sponsored by Brave, the browser» department: Title: New Google Chrome Zero-Day Vulnerability Found Actively Exploited in the Wild Author: Fnord666 Date: Sun, 10 Mar 2019 05:31:00 -0400 Link: https://soylentnews.org/article.pl?sid=19/03/09/1638200&from=rss upstart[1] writes: Submitted via IRC for SoyCow1984 New Google Chrome Zero-Day Vulnerability Found Actively Exploited in the Wild[2] You must update your Google Chrome immediately to the latest version of the web browsing application. Security researcher Clement Lecigne of Google's Threat Analysis Group discovered and reported a high severity vulnerability in Chrome late last month that could allow remote attackers to execute arbitrary code and take full control of the computers. The vulnerability, assigned as CVE-2019-5786[3], affects the web browsing software for all major operating systems including Microsoft Windows, Apple macOS, and Linux. Without revealing technical details of the vulnerability, the Chrome security team only says the issue is a use-after-free vulnerability in the FileReader component of the Chrome browser, which leads to remote code execution attacks. What's more worrisome? Google warned that this zero-day RCE vulnerability is actively being exploited in the wild by attackers to target Chrome users. [...] The patch for the security vulnerability has already been rolled out to its users in a stable Chrome update 72.0.3626.121 for Windows, Mac, and Linux operating systems, which users may have already receive or will soon receive in coming days. So, make sure your system is running the updated version of the Chrome web browser. ------------------------------------------------------------------------------ Original Submission[4] Read more of this story[5] at SoylentNews. Links: [1]: http://soylentnews.org/~upstart/ (link) [2]: https://thehackernews.com/2019/03/update-google-chrome-hack.html (link) [3]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5786 (link) [4]: http://soylentnews.org/submit.pl?op=viewsub&subid=32168 (link) [5]: https://soylentnews.org/article.pl?sid=19/03/09/1638200&from=rss (link)
Back to comp.misc | Previous | Next — Next in thread | Find similar | Unroll thread
Active Google Chrome exploit RS Wood <rsw@therandymon.com> - 2019-03-10 20:44 -0400
Re: Active Google Chrome exploit Roger Blake <rogblake@iname.invalid> - 2019-03-11 03:50 +0000
Re: Active Google Chrome exploit Computer Nerd Kev <not@telling.you.invalid> - 2019-03-11 06:04 +0000
Re: Active Google Chrome exploit Anssi Saari <as@sci.fi> - 2019-03-11 10:20 +0200
csiph-web