Georgian security researcher Ucha Gobejishvili has identified a critical vulnerability that affects the latest variant of the popular Google Chrome web browser.
To demonstrate his findings, the expert published a proof-of-concept video. He claims that the security hole can be leveraged to silently download and install third-party applications on the target system.
The POC video was made on a Windows 7 64-bit operating system, but according to Gobejishvili, it works on all versions of Windows.
For the flaw to be exploited, all the victim needs to do is open a website and the malicious code does the rest of the work.
“For security reasons, the exploit code and technical details of the underlying vulnerabilities will not be publicly disclosed,” the researcher said.
Google has been notified on the issue.