Cyber SecurityVulnerabilities

Google patches 8th Chrome zero-day exploited in the wild this year

0

Google released Chrome 91.0.4472.164 for Windows, Mac, and Linux to patch seven security vulnerabilities in which one of them is a high severity zero-day vulnerability that was being exploited in the wild.

Google was aware that an exploit for CVE-2021-30563 existed in the wild.

The new Chrome release has started rolling out worldwide to the Stable desktop channel and will become available to all users over the following days.

Google Chrome will automatically update itself on the next launch. It is possible for the users to even manually update it by checking for the newly released version from Settings > Help > ‘About Google Chrome.’

The zero-day patched now which was reported by Google Project Zero’s Sergei Glazunov is described as a type confusion bug in V8, Google’s open-source C++-based and high-performance WebAssembly and JavaScript engine.

Type confusion weaknesses would generally lead to browser crashes following successful exploitation by reading or writing memory out of the bounds of the buffer. But they can also be exploited by threat actors to execute arbitrary code on devices running vulnerable software.

Google however did not share any info regarding the attacks to allow the security update to deploy on as many systems as possible before more threat actors start actively abusing.

Google has patched eight Chrome zero-day bugs exploited by attackers in the wild since this year.

Priyanka R
Cyber Security Enthusiast, Security Blogger, Technical Editor, Author at Cyber Safe News

    Israeli company Candiru used Windows zero-days to deploy spyware

    Previous article

    Instagram launches ‘Security Checkup’ to help users recover hacked accounts

    Next article

    You may also like

    Comments

    Leave a reply

    Your email address will not be published. Required fields are marked *