Google has revealed that a zero-day bug in its Chrome browser was being actively exploited. Google released a patch on March 1 to fix the problem without publicizing the fact. The upshot is that you need to update Google Chrome as soon as possible.
What Is a Zero-Day?
A zero-day, also written as 0-day, is a vulnerability that hackers have discovered and exploited before a developer has found and fixed the issue. The “zero-day” referring to how long developers have to patch the problem before it’s exploited in the wild.
It’s rare for Google to be hit by zero-day exploits. The company has countless security researchers working to find and fix these issues before the bad guys start exploiting them. However, on this particular occasion, it looks like Google was caught with its pants down.
Google is describing CVE-2019-5786 as a memory mismanagement bug in FileReader. This is the part of web browsers that allows web apps to read files stored on a user’s computer. And it’s thought this could allow malicious code to be executed.
Also, seriously, update your Chrome installs… like right this minute. #PSA
— Justin Schuh ? (@justinschuh) March 6, 2019
Details are thin on the ground at the moment, as Google wants to get everyone updated before revealing all of the gory details. But it seems this bug can be used to implant malware and then potentially used to take over your computer remotely.
Update Google Chrome Now
It’s likely that your Chrome browser has already updated itself, thereby killing this bug before it can be exploited any further. However, just to be on the safe side, you should check for updates and make sure you’re running Version 72.0.3626.121 or higher.
To check what version of Chrome you’re running, open Chrome, then click the three vertical dots to open Settings. Then click Help, then About Chrome. This will tell you what build you have installed, and you can click “Check for Updates” to ensure you’re up to date.
To learn more about Google Chrome, check out our essential Google Chrome FAQ.
Image Credit: Stephen Shankland/Flickr