The CEO of Zerodium, Chaouki Bekrar, says that CVE-2019-5786 is exclusively responsible for the malicious code to break free from Chrome's security sandbox, after which it is easy for the code to execute commands on the underlying OS. Google maintains access to bug details "restricted" so that the flaw can not be exploited.
Most users who saw the company's release didn't think too much about a run-of-the-mill Chrome update, which Google provides on a regular basis, sometimes for the smallest of bugs.
If you still run an older version of Windows, the recommendation is to upgrade to Windows 10 and keep it updated with the newest patches. That said, it is still recommended to see if the browser has indeed updated itself and that the version shown is 72.0.3626.121.
A zero-day or 0day vulnerability is a bug or flaw in a code that has been discovered and disclosed but not yet patched.
Google said CVE-2019-5786 deals with "Use-after-free" in FileReader.
If you are reading this, there is a good chance you are doing so on a Chrome browser, based on the available market share data. The vulnerability CVE-2019-5786 was first spotted on February 27 by Google's Threat Analysis Group member.
If it is just a plugin, Chrome is actually smart enough that it could silently update the plugin behind the scenes without any user intervention.
You can download Opera for Windows, Linux, and macOS using these links, and given all of the above, you should make sure that you're running the latest release as soon as possible. And another Chromium-powered browser, Vivaldi, issued an updated version on March 4 to squash the bug, so evidently was affected as well.