Serious Chrome zero-day exploited in the wild, update “right this minute”
You must update your Google Chrome immediately to the latest version of the web browsing application.
Security researcher Clement Lecigne of Google's Threat Analysis Group discovered and reported a high severity vulnerability in Chrome late last month that could allow remote attackers to execute arbitrary code and take full control of the computers. The vulnerability, assigned as CVE-2019-5786, affects the web browsing software for all major operating systems including Microsoft Windows, Apple macOS, and Linux.
What's more worrisome? Google warned that this zero-day RCE vulnerability is actively being exploited in the wild by attackers to target Chrome users. It appears to exploit this vulnerability, all an attacker needs to do is tricking victims into just opening, or redirecting them to, a specially-crafted webpage without requiring any further interaction.
To check that you’re up-to-date, go to the About Google Chrome… window, accessible from the address bar by typing in the special URL chrome://settings/help. This will not only show the current version but also do an update check at the same time, just in case any recent auto-updates have failed or your computer hasn’t called home yet.