Users Advised to Update Chrome to Patch Zero-Day Vulnerability

A zero-day vulnerability in Google Chrome was patched in last Friday’s update to version 72.0.3626.121. The security flaw is a memory error that exists in Chrome’s FileReader, a web API that lets web apps read the contents of files stored on a user’s computer. Successful exploitation of the vulnerability could allow a threat actor to execute malicious code. According to Chrome’s security lead, the vulnerability is already being actively exploited by threat actors. The NJCCIC highly advises Google Chrome users for Windows, Mac, and Linux operating systems to update to version 72.0.3626.121 as soon as possible and review the release notes for more information.