Google fixes sixth Chrome zero-day in this year

Η Google επιδιορθώνει το έκτο Chrome zero-day για φέτος

Google has released Chrome 91.0.4472.101 for Windows, Mac, and Linux to fix 14 security vulnerabilities, with one zero-day vulnerability exploited in the wild and tracked as CVE-2021-30551.

Google Chrome 91.0.4472.101 has started rolling out worldwide and will become available to all users over the next few days.

Google Chrome will automatically attempt to upgrade the browser the next time you launch the program, but you can perform a manual update by going to Settings > Help > ‘About Google Chrome.

The vulnerability was discovered by Sergei Glazunov of Google Project Zero and is being tracked as CVE-2021-30551.

Shane Huntley, Director of Google’s Threat Analysis Group, says that this zero-day was utilized by the same threat actors using the Windows CVE-2021-33742 zero-day fixed yesterday by Microsoft.

Today’s update fixes Google Chrome’s sixth zero-day exploited in attacks this year, with the other five listed below:

CVE-2021-21148 – February 4th, 2021

CVE-2021-21166 – March 2nd, 2021

CVE-2021-21193 – March 12th, 2021

CVE-2021-21220 – April 13th, 2021

CVE-2021-21224 – April 20th, 2021

In addition to these vulnerabilities, news broke yesterday of a threat actor group known as Puzzlemaker that is chaining together Google Chrome zero-day bugs to escape the browser’s sandbox and install malware in Windows.

[Computer Bleeping]

Facebook
Twitter
LinkedIn
Pinterest

Other posts