Currently, the exploit is rapidly used by hackers and they continue to compromise Google Chrome users to gain complete control of the victim’s system.
This severe bug was reported by Clement Lecigne, of Google’s Threat Analysis Group on 2019-02-27 since the Google worked for the patch and finally, they released an emergency update with fixes for this Active zero-day vulnerability.
This Chrome zero-day Vulnerability ( CVE-2019-5786 ) mainly affected the Chrome browser’s FileReader API, that allows attackers to perform remote code execution by escaping the Chrome sandbox.
FileReader API lets web applications asynchronously read the contents of files (or raw data buffers) stored on the user’s computer.
In this case, Zerodium Founder Chaouki Tweets that, “Google discovered a Chrome RCE #0day in the wild (CVE-2019-5786). Reportedly, a full chain with a sandbox escape”
All the users are strictly recommended to update your Chrome browser to newly released version Chrome update 72.0.3626.121
Google states in their update that “the stable channel has been updated to 72.0.3626.121 for Windows, Mac, and Linux, which will roll out over the coming days/weeks.”
Google did not reveal more details about this vulnerability and a
Take a moment to check you are running the latest Chrome here else follow the step to update your browser in order to prevent from this active exploit in wide.