Google have registered a thread, CVE-2018-5786, but have yet to provide any further insight into the issue. The Common Vulnerabilities and Exposures website tracks thousands of bugs across thousands of individual software items. Upgrading Google Chrome is easy, by following this link, ‘Get a Chrome Update’, you can upgrade to the latest to remove this threat. This Remote Code Execution, or RCE, can allow hackers to implant malware without the user knowing, ultimately giving remote access without user consent.Ĭurrently there is no workaround however upgrading to the latest release of Google Chrome should be considered a priority. However according to official notes, the FileReader system allows the hacker to gain more general control allowing them to remotely execute code. Google has kept the details of the exploit under wraps for fears that the attack might become more wide spread and preventing copy cat hackers. The software bug relates to a part of Google Chrome called FileReader which allows the contents of files to be read once given permission by the user. Justin Schuh explains that the internet giant announced that it had uncovered a bug in their software, commonly known as a Zero-Day exploit.
(Only the headline and picture of this report may have been reworked by the Business Standard staff the rest of the content is auto-generated from a syndicated feed.A prominent security engineer has warned that users of Google Chrome need to update their favorite web browser immediately. "We would like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel," said the company. This latest update comes just days after Google released Chrome version 105 on August 30. This is the sixth zero-day vulnerability Chrome has faced to date this year.Ĭhrome users now need to relaunch their browser to activate the latest security update. "We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed," it added.
"Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google said in a security update. The company said it has released a security patch for Google Chrome users on Windows, Mac and Linux operating systems that will roll out over the coming days/weeks. The tech giant said it is aware of reports that an exploit for 'CVE-2022-3075' exists in the wild, mentioning the vulnerability as "Insufficient data validation in Mojo" reported by an anonymous security researcher. Google has advised its users to immediately install a security update in its Chrome browser to safeguard themselves against a serious bug being actively exploited by hackers.
0 kommentar(er)
