Google Chrome Security Lead Justin Schuh says 0day vulnerability is being actively exploited in the wild. The security issue is a use-after-free flaw in the browser’s FileReader API, an API designed to allow the browser to access and read locally stored files. Users should always keep their apps up to date, run software or log on using a limited account, and think twice before visiting websites they don’t trust or click on links from unknown sources. Fortunately, Google Chrome should be configured by default to auto-update to the latest stable release.
Source: https://www.bleepingcomputer.com/news/security/google-chrome-update-patches-zero-day-actively-exploited-in-the-wild/