According to the googlechrome Security and Desktop engineer Mr. Justin Schuh, This newest exploit is different, in that initial chain targeted Chrome code directly, and thus required the user to have restarted the browser after the update was downloaded.
For most users the update download is automatic, but restart is a usually a manual action [statement posted on twitter].
To remediate the Chrome vulnerability (CVE-2019-5786), Google released an update for all Chrome platforms on March 1; this update was pushed through Chrome auto-update. We encourage users to verify that Chrome auto-update has already updated Chrome to 72.0.3626.121 or later.
Here are the steps to update Google Chrome browser:
- Open Chrome browser
- Click on "three dots" on the right-hand side of the browser
- Click on "About Google Chrome" under Help menu. It will automatically update your browser.
- Finally, close the google chrome browser and reopen.
Read the vulnerability disclosure on the google chrome security blog here
https://security.googleblog.com/2019/03/disclosing-vulnerabilities-to-protect.html
No comments