Users need to update Google Chrome to patch 2 new Zero-Day flaws under Attack


By MYBRANDBOOK


Users need to update Google Chrome to patch 2 new Zero-Day flaws under Attack

Google has released security updates for Chrome web browser to address a total of 11 security issues, two of which it says are actively exploited zero-days in the wild.

 

Tracked as CVE-2021-30632 and CVE-2021-30633, the vulnerabilities concern an out of bounds write in V8 JavaScript engine and a use after free flaw in Indexed DB API respectively, with the internet giant crediting anonymous researchers for reporting the bugs on September 8.

 

The company said it is "aware that exploits for CVE-2021-30632 and CVE-2021-30633 exist in the wild" without sharing additional specifics about how, when, and where the vulnerabilities were exploited, or the threat actors that may be abusing them.

 

Google has addressed a total of 11 zero-day vulnerabilities in Chrome since the start of the year -

 

· CVE-2021-21148 - Heap buffer overflow in V8

· CVE-2021-21166 - Object recycle issue in audio

· CVE-2021-21193 - Use-after-free in Blink

· CVE-2021-21206 - Use-after-free in Blink

· CVE-2021-21220 - Insufficient validation of untrusted input in V8 for x86_64

· CVE-2021-21224 - Type confusion in V8

· CVE-2021-30551 - Type confusion in V8

· CVE-2021-30554 - Use-after-free in WebGL

· CVE-2021-30563 - Type confusion in V8

 

Chrome users are advised to update to the latest version (93.0.4577.82) for Windows, Mac, and Linux by heading to Settings > Help > 'About Google Chrome' to mitigate the risk associated with the flaws.

 E-Magazine 
 VIDEOS  Placeholder image

Copyright www.mybrandbook.co.in @1999-2024 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org