Specifically, the vulnerability exploits a security flaw known as CVE-2019-5786. A memory management issue found in Chrome’s FileReader that allows hackers to inject and execute malicious code. To clarify, FileReader essentially allows web applications to read the contents of a user’s local file system. By targeting this process, hackers are able to fire up their malicious codes to bypass Chrome’s security and run commands beneath Windows OS.
— Social Effluencer 😈 (@justinschuh) March 7, 2019 Justin Schuh, a Chrome security engineer addressed the issue on Twitter. He attached a blog post detailing the vulnerability, along with the patch to the security flaw. If you’re updating your browser, the version of Chrome you’re looking for should be listed as “72.0.3626.121”. You can check your Chrome version by typing “chrome://settings/help” in the address bar. This should trigger an update check, and Chrome will ask you to relaunch the browser once the update has been applied. (Source: TechSpot, Engadget, Twitter, Google)