Google fixes another zero-day vulnerability in Chrome

The update fixes a total of seven security flaws in the desktop versions of Google Chrome.

Google has released a Chrome update targeting several security issues, including a zero-day vulnerability. The bugs affect Chrome versions for Windows, macOS and Linux.

“Google is aware of reports that exploits for CVE-2021-21224 exist in-the-wild,” Google said of the recently revealed zero-day vulnerability, which resulted from an error in the JavaScript V8 engine. used in Chrome and other Chromium-based web browsers.

The first vulnerability, indexed CVE-2021-21222, affects the chromium V8 engine and is buffer overflow type, facilitating attacks based on RAM corruption, in order to obtain unintended results from the application developer.

The second bug, labeled CVE-2021-21225, also manifests itself as a memory access error, although with a slightly different mode of operation. CVE-2021-21223 targets the Mojo component, also functioning as a buffer-overflow error. The fourth most serious vulnerability, CVE-2021-21226, occurs in Chrome browsing sessions.

“Successfully exploiting the most severe of these vulnerabilities could allow an attacker to execute arbitrary code inside the browser. Depending on the privileges associated with the application, an attacker could view, modify or delete data “, warned the Internet Security Center.

Without going into too much detail, Google recommends that users update their web browsers to the latest version available (at least Chrome 90.0.4430.85), thus reducing the chances of reported vulnerabilities being exploited in cyber attacks.

For most Chrome users, updates should be applied automatically. But to shorten the wait, you can visit the Help – About Google Chrome section of the main menu, triggering the immediate verification and installation of the latest available version of Chrome.

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *