Potential high risk vulnerability was found in the Chrome browser which has the capacity to enable remote attackers to execute code and carry out nefarious activities; it was recently found by Google which later asked its users to update it.
“The stable channel has been updated to 76.0.3809.132 for Windows, Mac, and Linux, which will roll out over the coming days/weeks,” stated Srinivas Sista of Google Chrome.
The vulnerability (CVE-2019-5869) exists in Blink, an open source browser engine that runs the Google Chrome browser. These Browser engines are a major part of every browser and their primary role is to transform HTML documents into visual representations on user’s devices. Blink (first came into existence in 2013 and was developed as a part of the premium project).
According to the researchers this vulnerability in the blink could bypass security restrictions, execute arbitrary code on the system or cause denial-of-service (Dos).The advisories have labeled it as a use-after-free-flaw bug and its attempts to access the memoryis triggered, right after the memory has been freed. This could result in the crash of a program.
“Depending on the privileges associated with the application, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights,” said a Center for Internet Security advisory.
The recent update has fixed a total of three security issues but the details of the other two are not revealed by the company.