Google · Google Chrome · CVE-2019-5879
**Name of the Vulnerable Software and Affected Versions**
Google Chrome versions prior to 77.0.3865.75
**Description**
The issue is related to insufficient policy enforcement in extensions, which can be exploited by a remote attacker to gain access to confidential data. This can occur when a user is convinced to install a malicious extension, allowing the attacker to read local files via a crafted Chrome Extension.
**Recommendations**
For versions prior to 77.0.3865.75, update to version 77.0.3865.75 or later to resolve the issue. As a temporary workaround, consider restricting the installation of extensions to only trusted sources until the update is applied.