All Chrome users are at danger thanks to a new 0-day vulnerability. Cybersecurity researchers advise everyone to update Chrome to its latest version.
This new 0-day is identified as CVE-2019-5786, and the more concerning thing is that Google says it is “aware of reports that an exploit exists in the cyberspace as we speak.”
For those who don’t know the difference between a vulnerability and exploit we will explain it right away; a vulnerability is a bug that makes software go wrong in a way that reduces computer security. An exploit instead is a way of deliberately triggering a vulnerability to sneak past a security control.
But don’t get fooled, all vulnerabilities represent a risk, by definition, even if the worst you can do with the bug is to crash a program or produce a sea of unexpected error messages. Keep in mind that vulnerabilities are the creators of all exploits, which are very dangerous cyber matters.
For example, hackers can make a program crash in a cunning way that leaves the software alive but with the hackers in direct control of its execution, rather than killing off the program entirely and leaving the attackers staring at an apologetic operating system error message.
Remember everything can be hacked. In order to stay away from any threats related to the cyber world, we recommend the install of antivirus for Windows or antivirus for Mac on every device that you own, depending on which OS your device is running. If you are a company, it is also recommended to hire every year a specialized cybersecurity company that will run annual tests on your company’s network. These tests include penetration testing and ethical hacking tests;
Follow these easy steps to protect yourself!
Check if you’re up-to-date, in order to do this go to the About Google Chrom window, by typing in the Chrome address bar the URL://settings/help and hit enter. This action will show the current version and also do an update check at the same time.
Always protect yourself and install the latest security packages because a 0-day represent the most devious vulnerability of them all. In other words, a 0-day is nothing more than a cyber attack launched against a cyber system without the possibility to stop or detect it.
For the moment the only information about the Chrome CVE-2019-5786 0-day comes from Google and it is not much because all the bug details and links are kept restricted until a majority of users are protected by a fix. Some cybersecurity researchers say that this vulnerability involves a memory mismanagement bug in a part of Chrome called FileReader.
FileReader is a programming tool that makes it easy for web developers to pop up menus and dialogs asking you to choose from a list of local files.
For the moment there is literally nothing that a user can do to protect itself from this new threat. The only recommendation is to make sure Chrome is up to date.
We would continue to monitor this cybersecurity problem. Meanwhile, users should keep a keen eye out for any cyber attacks. Remember to use an antivirus for Windows or antivirus for Mac in every device that you own, depending on which OS your machine is running, If you are a company we recommend to hire every year a specialized cybersecurity company that will run annual tests on your company’s network, tests like this include: penetration testing and ethical hacking.