Google is urging users to update Chrome across all platforms after a critical vulnerability was discovered and patched.
The vulnerability exploits a security flaw known as CVE-2019-5786. The security flaw is a memory management issue in Chrome’s FileReader which gives hackers the opportunity to inject and execute malicious code.
FileReader is a embedded program in most browsers that allows web apps to read the contents of a user’s local file system. The vulnerability identified by Google allows malicious code to leave Chrome’s security environment and run commands on the underlying OS.