Simply put, there is a zero-day vulnerability for Chrome that the Google Threat Analysis Group has determined is being actively exploited in the wild. The bad news for users of Google Chrome is that this particular zero-day vulnerability, CVE-2019-5786, is already being exploited by the bad guys. "The PDF documents would contact a remote domain with information on the users' device --such as IP address, OS version, Chrome version, and the path of the PDF file on the user's computer" Cimpanu says. First, head over to the drop-down menu in Chrome (you'll find it at the far right of the toolbar - click on the three stacked dots) and select Help|About Google Chrome. Travis Biehn, technical strategist and research lead at Synopsys, said "Google Chrome is some of the most robustly engineered C and C++ code on the planet, the security teams working on Chrome are world-class.

Source: Forbes March 07, 2019 05:52 UTC