The Chrome Security team has released a fix for a highly critical vulnerability in Google Chrome (72.0.3626.121) with CVE-2019-5786 that could allow a remote attacker to execute arbitrary code and take full control of the computers. Please note that this vulnerability is being actively exploited.
The Chrome security team reported the issue as a use-after-free vulnerability found in the FileReader component of the Chrome browser. The security team hasn't revealed any technical details of the vulnerability as it's actively being exploited.
To patch this critical zero-day vulnerability with ManageEngine Desktop Central, search for the following Patch IDs: 309117 (32-bit), 309118 (64-bit) or Bulletin ID: TU-017
Complete Information of the vulnerability:
Product name: Google Chrome version 72.0.3626.121
CVE ID: CVE-2019-5786
Status: Exploited in the wild (Zero-day vulnerability)
Impact if not patched: Remote Code Execution
Component: FileReader component
Patch ID: 309117 (32-bit), 309118 (64-bit)