A critical issue has been discovered in Chrome that allows malicious attackers to escape the browser’s sandbox and execute code on the underlying operating system (CVE-2019-5786). This issue has also been seen running in the wild, even before an update was available. Luckily, there is an update now that resolves this issue.
On Twitter, the leading Chrome security engineer put it this way, “seriously, update your Chrome installs… like right this minute.”
System administrators should consider pushing a relaunch notification if they do not have the ability to force a Chrome upgrade and restart.
Make sure you’re also up to date on other Google Chrome issues: Why Google Automatic Sign-In is a Privacy Risk.