Critical Security Vulnerability Patched in Google Chrome
Google Chrome users are strongly advised to install the latest update, which addresses a critical vulnerability in the browser. The issue affects the open-source Blink engine used in Chrome and allows attackers to execute arbitrary code within the browser context, steal sensitive information, bypass security restrictions, perform unauthorized actions, or cause the browser to crash.
βDepending on the application’s privileges, an attacker could install programs, view, modify, or delete data, or create new accounts with full user rights,β the Center for Internet Security explained in its advisory.
The vulnerability (CVE-2019-5869) is a use-after-free flaw. It can be exploited when a user visits a specially crafted web page. The bug affects Google Chrome versions prior to 76.0.3809.132. The new, fixed version 76.0.3809.132 for Windows, Mac, and Linux is already available.
Positive Technologies is conducting a study on how much time information security specialists spend working with SIEM systems and invites you to anonymously answer a few questions: https://surveys.hotjar.com/s?siteId=1095096&surveyId=140403