CVE-2019-5786 Chrome Vulnerability

What is CVE-2019-5786?

Recently, Chrome Vulnerability (CVE-2019-5786) exploit is in the wild and it has caught the attention of Justin Schuh, Google Chrome’s security lead and engineering director. He has warned all the Chrome User to really update their Chrome right away so that the user is using the latest version of Chrome.

Satnam Narang, a senior research engineer at Tenable have mention an statement in their website such as follows:

Use-After-Free (UAF) vulnerability in FileReader, an application programming interface (API) included in browsers to allow web applications to read the contents of files stored on a user’s computer.”

Some people might not aware¬†of what is “Use-After-Free” Vulnerabilities is? Memory corruption flaw where the risk of escalated of any privileges on the victim’s device will been exploit by the attacker.

For further reading on this “Use-After-Free” Vulnerability, can read at here

Recommendation

To fix this vulnerability is very easy where you only need to update the Chrome Version or rather reinstall a new version of Chrome into your device.

How to update your Chrome is been listed as below:

  1. Go to Top Right of the browser and click Help > About Google Chrome. An example of this step is been shown as following
Help> About Google Chrome

2. Once inside the “About Google Chrome”, you need to click the Automatic updates are turned on

3. This is will take just a few minutes to complete. Once it finish updating, you can see the status “Google Chrome is up to date” message

Source: Google Confirms Serious Chrome Security Problem – Here’s How To Fix It

Author: Wan Ariff

He brings with him more than 2 years of working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *