Chrome’s latest release fixes a Zero Day undergoing active exploitation.
Google Chrome version 72.0.3626.121 released last week which fixes the issue.
Google said it is aware an exploit for this vulnerability already exists, so it urges everyone to install the latest version of Chrome.
FileReader is an API that makes it possible for web apps to access locally-stored files, and a successful attack would technically provide an attacker the potential to run code and drop other payloads on a compromised host.
The security vulnerability was discovered by Clement Lecigne of Google’s Threat Analysis Group, who reported it in late February. The patch was included in the March 1 update for Google Chrome on the desktop.