Google Chrome 0-Day Vulnerability actively exploited in the wild, update now
9 replies, posted
Google Chrome Zero
A new zero-day vulnerability in Google Chrome is actively exploited in attacks in the wild. The vulnerability was discovered late February by Clement Lecigne, a security researcher at the Google Threat Analysis Group. The high severity zero-day flaw in Chrome could be exploited by a remote attacker to execute arbitrary code and take full control of the target computer.
The vulnerability tracked as CVE-2019-5786 resides in the web browsing software and impact all major operating systems including Windows, Apple macOS, and Linux.
Lecigne did not reveal technical details of the issue, Google experts only revealed that the CVE-2019-5786 flaw is a use-after-free vulnerability in the FileReader component of the Chrome browser. FileReader is a standard API that allows web applications to asynchronously read the contents of files stored on a computer, using ‘File’ or ‘Blob’ objects to specify the file or data to read.
https://twitter.com/justinschuh/status/1103087046661267456
Thank god I use Firefox.
Because, as we know, Firefox is entirely immune to exploitation.
On today's episode of 70% of all vulnerabilities being memory safety issues...
I'm glad they fixed this
but I'm still waiting for them to undo their massive fuckup of making F6 highlight your first tab instead of the address bar for some ungodly reason
I’m still waiting for gif video controls to come back.
sure, but in this instance it is.
and so is chrome, it's been fixed
Press it again, it'll highlight the address bar.
I'm fully aware, but the fact remains that highlighting the tab is entirely fucking useless when there are already shortcuts to switch between tabs with the keyboard
I know ctrl+d and alt+l exist, but F6 is so ingrained in memory (especially when every other program with an address bar uses it) that it just feels like a change for the sake of change
Sorry, you need to Log In to post a reply to this thread.
