In the end of this July, Google released the latest version of Chrome 68 which shows all non-HTTPS websites as “Not Secure” to make the internet platform more secure and to prevent users from visiting malicious or harmful websites.
Recently a security researcher Ron Masas from Imperva discovered a Google Chrome bug in all previous versions of Chrome. The vulnerability is identified as CVE-2018-6177. By exploiting this vulnerability hackers/attackers can easily get your private information from web platforms like Facebook and Google.
According to Imperva, the cause of this flaw is Chrome’s rendering engine “Blink” as it handles the audio and video HTML tags. So, Hackers can easily inject these hidden tags into websites and monitor the response from Chrome received from a website like Facebook. After exploiting this security bug, Hacker can collect in-depth profiling information of users, including their age, gender, location data and, interests.
According to a member of the Google security team, the vulnerability could also work against on websites using APIs to fetch user information.
This Google Chrome bug is almost the same browser bug which was addressed in June. The previous vulnerability allowed an attacker to read the content of your Gmail or personal Facebook messages.
Google patched this reported vulnerability in their latest release of Chrome 68. So its strongly recommended to all chrome users who are still using an older version of Chrome to update it to the latest version.