Google · Google Chrome · CVE-2018-6169
**Name of the Vulnerable Software and Affected Versions**
Google Chrome versions prior to 68.0.3440.75
**Description**
The issue is related to the lack of a timeout on the extension installation prompt in Google Chrome, allowing a remote attacker to initiate the installation of a malicious Chrome extension using a specially crafted HTML page. This could potentially lead to the installation of unwanted extensions.
**Recommendations**
For Google Chrome versions prior to 68.0.3440.75, update to version 68.0.3440.75 or later to resolve the issue.