Google’s Head of Chrome security, Justin Schuh, has warned all Chrome users to update the browser immediately to patch a fix for a zero day flaw that is being exploited right now.
The company issued a warning about the attacks in an update to a post about a Chrome update released on March 1 that contained one security fix.
Shortly after Google updated the post, Justin Schuh warned organizations and
users to update Chrome installations “like right this minute”, noting the company last week dealt with a zero-day “chain”, referring to an exploit that uses more than one vulnerability to compromise a computer.
The virus has been catchily named CVE-2019-5786, and there is currently no information about how hackers are spreading this, either through targeted or scattergun attacks.
What can it do?
There are reports that the issue could enable an attacker to remotely run arbitrary code on your PC (take remote control of your computer) whilst escaping Google Chrome’s built-in protection.
How do I fix this?
Fortunately this is a real quick issue to fix. Google have released an update to Chrome to resolve the issue, so if you’re on the latest version you’re secure. To check you’re on the latest version head over to the drop-down menu in Chrome (you’ll find it at the far right of the toolbar – click on the three stacked dots) and select Help > About Google Chrome.
This will check for the latest updates. If you’re running the latest version which is Version 72.0.3626.121 then you’re sweet. If not Chrome will update automatically.
If you want to learn more about how you can secure your business, you can book in a Cyber Security Consultation with one of the team here