Chrome browser users are urged to install the latest update of their browser to prevent hackers from hijacking their PC.
In a recent announcement from National Cybersecurity, users are warned they need to updater their Chrome browser to the latest version that was released today. The Chrome version is 78.0.3904.87, and must immediately be installed so that two vulnerabilities can be patched accordingly.
One of these vulnerabilities has already been caught in the wild, as hackers tried to hijack computers. The report from National Cybersecurity states that the Chrome security team are “use-after-free vulnerabilities, one affecting Chrome’s audio component (CVE-2019-13720) while the other resides in the PDFium (CVE-2019-13721) library.”
This type of vulnerability allows corruption or modification of data in the memory, giving an unauthorized user privileges on a system or software that have been affected by the vulnerability. The two flaws allow remote hackers to gain access on the Chrome web browser, “just by convincing targeted users into visiting a malicious website, allowing them to escape sandbox protections and run arbitrary malicious code on the targeted systems.”
Vulnerability CVE-2019-13720 Found Exploited in the Wild
Kaspersky researchers Anton Ivanov and Alexey Kulaev have discovered the audio component vulnerability CVE-2019-13720 exploited by hackers, but haven’t pinpointed which specific group used it.
The Google Chrome security team stated that:
“Google is aware of reports that an exploit for CVE-2019-13720 exists in the wild.”
They have patched the security vulnerabilities in Chrome version 78.0.3904.87, which is available for Windows, Mac, and Linux operating systems.
Update Chrome Browser Right Away
Chrome browser usually notifies users to update to the last version, but this time it’s better to manually update it by going following these steps:
- Go to ‘Menu’ (top right icon)
- Look for ‘Help’
- Click on ‘About Google Chrome’
You will be redirected to a page, where the update should automatically begin once it has finished checking for the new updates. Then, users are instructed to relaunch the browser.
Google is expected to release more technical details on these vulnerabilities, so we’ll make sure to keep you updated.