Google is rolling out a massive update with security fixes for Chrome, one of which fixes the zero-day exploit in its V8 JavaScript engine. The exploit allowed threat actors to gain access to a victim's data by running malicious software. This is now the ninth zero-day exploit that Google has fixed.
What made this fix even more important is the fact that this bug is still being exploited in the wild and was first found by an anonymous researcher on July 12. Google acknowledged the existence of the exploit but did not share details as per the modus operandi during cases like these, to prevent further exploitation of the bug.
As the hacker news points out, this is now the ninth exploit that Google has had to fix this year -
- CVE-2021-21148 - Heap buffer overflow in V8
- CVE-2021-21166 - Object recycle issue in audio
- CVE-2021-21193 - Use-after-free in Blink
- CVE-2021-21206 - Use-after-free in Blink
- CVE-2021-21220 - Insufficient validation of untrusted input in V8 for x86_64
- CVE-2021-21224 - Type confusion in V8
- CVE-2021-30551 - Type confusion in V8
- CVE-2021-30554 - Use-after-free in WebGL
If you are unsure how to update Chrome to the latest version, you can do so by following these simple steps -
- Click on the hamburger menu (three dots) on the top right next to your profile icon.
- Click on Settings
- Click on About Chrome to the left
- That's it! Chrome will now automatically update itself. The latest version with the fix is 91.0.4472.164.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
