The Chrome Security team has released a fix for a highly critical vulnerability in Google Chrome (72.0.3626.121) with CVE-2019-5786 that could allow a remote attacker to execute arbitrary code and take full control of the computers. Please note that this vulnerability is being actively exploited.

The Chrome security team reported the issue as a use-after-free vulnerability found in the FileReader component of the Chrome browser. The security team hasn't revealed any technical details of the vulnerability as it's actively being exploited.

To patch this critical zero-day vulnerability with ManageEngine Desktop Central, search for the following Patch IDs: 309117 (32-bit), 309118 (64-bit) or Bulletin ID: TU-017

Complete Information of the vulnerability:

Product name: Google Chrome version 72.0.3626.121

CVE ID: CVE-2019-5786

Severity: Critical

Status: Exploited in the wild (Zero-day vulnerability)

Impact if not patched: Remote Code Execution

Component: FileReader component

Patch ID: 309117 (32-bit), 309118 (64-bit)