Update Chrome — major security flaws fixed
Google released security revisions for its Chrome web browser on Monday to fix 11 security issues, two of which are zero-day vulnerabilities that have been actively exploited.
It said the Chrome update will roll out globally in coming days and weeks. Chrome users are encouraged to update their browser immediately.
The tech company credited unidentified investigators for reporting the vulnerabilities, which relate to an out-of-bounds write in the engine that powers Chrome, and a “use after free” defect in the Indexed Database API respectively.
“Google is aware that exploits for CVE-2021-30632 and CVE-2021-30633 exist in the wild,” the company said in the Chrome release notes.
The vulnerabilities are termed “high severity” by Google, with attackers being able to exploit them to take control of a victim’s system.
Google did not provide any details on how or when the vulnerabilities were exploited or the malicious actors that have been abusing them.
According to The Hacker News’ report, the addition of these two zero-day vulnerabilities increases Google’s tally to eleven for vulnerabilities addressed in 2021.
Now Read: Hawks arrest suspect in Experian data breach that exposed data of 23 million South Africans
Loading ...