Developers who use the popular Electron development framework are being advised that apps created with the tool could have a critical vulnerability. Based on Node.js, V8 and Chromium, Electron enables the creation of cross-platform apps using JavaScript, HTML, and CSS. The newly discovered security bug affects only Windows apps created that use custom protocol handlers. The vulnerability allows hackers to execute code remotely.
Electron has released a patch for the bug and is encouraging developers to upgrade immediately.