Stop What You're Doing and Update Google Chrome

In all likelihood, your Chrome browser updated itself automatically, but if you want to check, go to Settings About Chrome, and make sure you're on version 72.0.3626.121.

If you need to install updates, or restart the browser, Chrome will give you the option to do so.

The vulnerability is now present on browsers for all operating systems, Windows 10, MacOS, Linux, Android and Chrome OS.

Google believes that this is the only version of the OS where it works because the exploit mitigations Microsoft introduced in the newer versions of OS, Windows 10 in particular, would prevent it.

Windows 7 users are at risk from a "serious" bug that could let malicious hackers take over their computer, Google has warned.

The company shared a blog post in which it said an update that should fix the vulnerability, which it described as "high" in severity, had already been issued. The reason he is sounding the alarm is because the latest update to Chrome mitigates a zero-day security hole labeled as CVE-2019-5786.

All one has to do is open a Google Chrome window and click on the three vertical dots in the right-hand corner.

"Past 0days targeted Chrome by using Flash as the first exploit in the chain", he explained.

Microsoft, he added, is working on a fix in Windows 7, but systems could be vulnerable to online "drive by" attacks until the company provides a fix or some form of mitigation. In fact, while Chrome might have done all it could to patch itself in the background, without warning the user, it would be caught waiting for them to do the final part.

Detailing the Microsoft Windows zero-day bug, Legine said, "It is a local privilege escalation in the Windows win32k.sys kernel driver that can be used as a security sandbox escape".

"The vulnerability is a NULL pointer dereference in win32k!MNGetpItemFromIndex when NtUserMNDragOver () system call is called under specific circumstances", writes Clement Lecigne, member of Google's Threat Analysis Group.

Vanessa Coleman

Comments