Moneycontrol PRO
Upcoming Event:Attend Algo Convention Live, 2 Days & 12+ Speakers at best offer Rs.999/-, exclusive for Moneycontrol Pro subscribers. Register now!
you are here: HomeNewsTechnology

Google rolls out Chrome update to fix zero day exploits

Chrome version 95.0.4638.69 fixes zero-day vulnerabilities that hackers have exploited

October 29, 2021 / 06:08 PM IST
The release fixes seven exploits, two of which have already been used

The release fixes seven exploits, two of which have already been used

Google is rolling out Chrome version 95.0.4638.69 for Windows, Mac and Linux. The release fixes seven vulnerabilities, two of which were zero-day exploits being actively employed.

As seen by Bleeping Computer, all seven of the vulnerabilities were classified "High" and it is recommended you update as soon as possible.

You can check if your browser is updated by clicking on the three vertical buttons next to your profile picture and selecting Settings. Then select About Chrome from the left. Chrome will check for updates and auto update or you can check if your version number is the same as the one mentioned above.

Google so far hasn't disclosed details for the attacks that used the two zero-day exploits. The two flaws were titled CVE-2021-38000 and CVE-2021-38003. One of these vulnerabilities involved a bug in Chrome's V8 JavaScript engine, while the other occurs due to, "Insufficient validation of untrusted input in Intents."

CVE-2021-38000 was discovered by Clement Lecigne, Neel Mehta and Maddie Stone from Google's threat analysis group. Lecigne also discovered the second vulnerability, CVE-2021-38003.

Close

This is Chrome's fifteenth fixed zero-day to be fixed this year and it is strongly recommended that you turn on Enhanced Protection within Chrome's settings.

Click on Settings, then look for Privacy and Security on the left. Click on it, and you should see a button for Check Now under Safety Check. Run the check and once it finishes, click on Safe Browsing. Then select Enhanced Protection.

Google has remained mum on how the vulnerabilities were exploited or the attacks they were used in.



Download your money calendar for 2022-23 here and keep your dates with your moneybox, investments, taxes

Moneycontrol News
first published: Oct 29, 2021 06:08 pm
Sections
ISO 27001 - BSI Assurance Mark