Press "Enter" to skip to content

Latest Google Chrome Update Patches Another Zero-Day Exploit


Google has rolled out a new security update to its Chrome browser, introducing fixes for as many as eight security flaws. One of them is a zero-day vulnerability, meaning it is already being exploited in the wild.

The “high-risk” issue, tracked as CVE-2021-30563, was reported anonymously last Monday. So credit to Google for rolling out a fix within a few days. The company hasn’t revealed much information about the bug though, neither about its exploitation. It simply says the issue is a “Type Confusion in V8,” which is an open-source JavaScript engine for Google Chrome and other Chromium web browsers.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google notes. “We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.”

That’s standard practice when disclosing zero-day bugs, so as to minimize the spread of exploits. That said, someone in the wild is already exploiting this vulnerability. “Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild,” the company said in a terse statement. So you might want to update your Chrome browser as soon as possible.

As said earlier, the new update for Google Chrome also patches seven other security issues. Most of them are high-risk issues, including bugs in V8 as well as ANGLE, the WebGL backend for the browser.

This is the eighth Google Chrome zero-day exploit this year

The popularity of Google Chrome also means it’s the most attractive browser for zero-day exploits. There have been several attacks on the browser recently. According to a Bleeping Computer report, this is the eighth zero-day exploit Google Chrome has patched this year. Before this, the company had released similar urgent fixes in June (two zero-day exploits patches), April (two), March (two), and February (one).

Just came in:  The State Department and 3 other US agencies earn a D for cybersecurity

The latest, stable version 91.0.4472.164 for Google Chrome is now rolling out for Windows, Mac, and Linux platforms. It should become available to all users around the world over the coming days/weeks. Your browser should automatically update itself on the next launch once the new build becomes available. However, you can also manually check for the update by navigating to Settings >> Help >> About Google Chrome.

If there’s no update available, you might want to keep checking regularly. Note that if your browser version is 91.0.4472.164 or above, you are already safe.

The post Latest Google Chrome Update Patches Another Zero-Day Exploit appeared first on Android Headlines.