Home News Another Google Chrome 0-Day Bug Found Actively Exploited In-the-Wild

    Another Google Chrome 0-Day Bug Found Actively Exploited In-the-Wild


    Google has addressed yet one more actively exploited zero-day in Chrome browser, marking the second such repair launched by the corporate inside a month.

    The browser maker on Friday shipped 89.0.4389.90 for Home windows, Mac, and Linux, which is predicted to be rolling out over the approaching days/weeks to all customers.

    Whereas the replace incorporates a complete of 5 safety fixes, crucial flaw rectified by Google considerations a use after free vulnerability in its Blink rendering engine. The bug is tracked as CVE-2021-21193.

    Particulars in regards to the flaw are scarce besides that it was reported to Google by an nameless researcher on March 9.

    As is often the case with actively exploited flaws, Google issued a terse assertion acknowledging that an exploit for CVE-2021-21193 however avoided sharing further data till a majority of customers are up to date with the fixes and forestall different risk actors from creating exploits concentrating on this zero-day.

    “Google is conscious of stories that an exploit for CVE-2021-21193 exists within the wild,” Chrome Technical Program Supervisor Prudhvikumar Bommana noted in a weblog submit.

    With this replace, Google has fastened three zero-day flaws in Chrome for the reason that begin of the 12 months.

    Earlier this month, the corporate issued a repair for an “object lifecycle problem in audio” (CVE-2021-21166) which it mentioned was being actively exploited. Then on February 4, the corporate resolved one other actively-exploited heap buffer overflow flaw (CVE-2021-21148) in its V8 JavaScript rendering engine.

    Chrome customers can replace to the newest model by heading to Settings > Assist > About Google Chrome to mitigate the danger related to the flaw.

    Source link