Patch Google Chrome immediately: zero-day CVE-2019-5786 vulnerability in the wild
According to cybersecurity specialists, if you are using the Google Chrome web browser, you need to take immediate action and update it right now! A new zero-day vulnerability in Chrome was discovered by Google's Threat Analysis Group, and it allows remote execution of arbitrary code.
The flaw, tracked as CVE-2019-5786, could be exploited on all operating systems, including Microsoft Windows, Mac OS X, and Linux. According to the public announcement from Chrome's security lead, the vulnerability was being actively exploited at the time update 72.0.3626.121 was released to patch it (on March 1st).
Cybercriminals can use the browser flaw to gain remote access to targeted computer systems
The now-patched Google Chrome vulnerability allows hackers to run code on targeted computer systems and take them over remotely. Additionally, the Google cybersecurity team has discovered that the flaw is located in the FileReader API component of the Google Chrome browser and is the main issue that allows code to be launched from remote servers.
FileReader is a feature that uses specific components such as “File” or “Blob” to read and view information that is stored on the user's machine. The API allows the web browser application to access and view all content that is stored in the user's files and documents.
Additionally, Google has noted that the details of the flaw will not be disclosed until a significant number of users have updated their Google Chrome web browser, in order to avoid the consequences the bug could bring if cybercriminals managed to misuse it for illegitimate activity:
Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
Hackers can exploit the bug by convincing users to visit compromised websites
This zero-day can be exploited as soon as a user visits or is redirected to a specially designed website, without the user performing any further actions. According to the Center for Internet Security advisory, the consequences of exploitation depend heavily on the privileges given to the application itself:
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with this application, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. If this application has been configured to have fewer user rights on the system, exploitation of this vulnerability could have less impact than if it was configured
Thus, those who were exploited but ran the application with low privileges might avoid the most severe consequences. However, according to the advisory, the threat level of the flaw for large, high-profile governmental organizations and businesses remains high, so immediate patching of the system is required.
Unfortunately, as practice shows, many companies fail to patch zero-day flaws on time, which results in thousands, if not millions, in damages. Additionally, in some cases, valuable, sensitive customer data might be lost as well.
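To find machines still running a build older than the fixed release 72.0.3626.121 named above, the reported Chrome versions can be compared numerically. The sketch below is an added example, not code from Google or from the advisory. The hostnames and reported strings are constructed sample data, and it assumes stable-channel builds whose version is reported in the usual four-part form.

```python
import re

# Fixed build named in the article (stable channel).
FIXED = (72, 0, 3626, 121)

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")


def parse_chrome_version(text):
    """Extract a four-part Chrome version from a string such as
    'Google Chrome 72.0.3626.96'; return None if none is found."""
    match = _VERSION_RE.search(text or "")
    return tuple(int(part) for part in match.groups()) if match else None


def triage(inventory):
    """Split {host: reported version string} into patched, vulnerable, unknown."""
    result = {"patched": [], "vulnerable": [], "unknown": []}
    for host, raw in sorted(inventory.items()):
        version = parse_chrome_version(raw)
        if version is None:
            # No parsable version: needs manual follow-up, not a pass.
            result["unknown"].append(host)
        elif version < FIXED:
            # Tuples of ints compare numerically, so .96 sorts below .121.
            # A plain string comparison would get this case wrong.
            result["vulnerable"].append(host)
        else:
            result["patched"].append(host)
    return result


# Constructed sample inventory (hostnames and strings are made up).
SAMPLE_INVENTORY = {
    "ws-001": "Google Chrome 72.0.3626.121",
    "ws-002": "Google Chrome 72.0.3626.96 ",
    "ws-003": "71.0.3578.98",
    "ws-004": "not installed",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Hosts in the "unknown" group should be checked by hand rather than assumed safe, since a missing or unparsable version says nothing about patch status.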