A serious vulnerability has been discovered in the browser that is actively exploited to trigger attacks on users’ browsers. An engineer at Google shows on Twitter that it is a dangerous vulnerability in Google Chrome. The vulnerability was already closed, but please update to the latest build 72.0.3626.121.
Google gave no further details about the vulnerability so that people with malicious intentions had little chance to abuse the leak. However, from the looks of it attackers are exploiting an unpatched vulnerability in Google Chrome’s built-in PDF file reader. Trough the vulnerability, information about the system is disclosed, such as the IP address, operating system, Chrome version, and the full path of the PDF file. Only once most users of the browser have installed the update, Google wants to give more information. Anyone who does not yet have version 72.0.3626.121 is advised to update the browser.
This is how you update Google Chrome
- Open the Chrome browser
- Click on the three dots or the arrow at the top right of the screen
- There is ‘Update Google Chrome’ when an outdated version is used
- If it is not there, the latest version already was installed