Google patches some serious Chrome security flaws Google Chrome on macOS
Google has revealed that the latest release of its Chrome web browser fixes eleven security vulnerabilities,two of which are potentially serious zero-day exploits.
Furthermore, the search giant disclosed that it was aware that two of the eleven bugs, tracked as CVE-2021-30632 and CVE-2021-30633, were being exploited in the wild.
According to the official release notes, both of the zero-days are memory bugs. It classifies CVE-2021-30632 as an out of bounds write in the browser’s V8 JavaScript engine, while CVE-2021-30633 is labeled as a “use after free” bug in Indexed DB API, which is a JavaScript API for managing a NoSQL database of JSON objects.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
Interestingly, these two zero-days were the only vulnerabilities that were listed as being submitted anonymously on September 8.
Popular target
Even though Google has admitted that the zero-days are being exploited in the wild, it hasn’t shared any details about the attacks.
Reporting on the release, BleepingComputer shares that while memory bugs often lead to browser crashes, they can be exploited to perform remote code execution, sandbox escapes, and other malicious activities as well.
Reportedly, these two zero-days bring the total number of patched zero-day vulnerabilities in the Chrome web browser in 2021 to ten.
“This milestone highlights the emphasis that bad actors are putting on browser exploits, with Chrome becoming a clear favorite, allowing a streamlined way to gain access to millions of devices regardless of OS,” Kevin Dunne, president at cybersecurity vendor Pathlock, shared with ZDNet.
John Bambenek, principal threat hunter at Netenrich went one step ahead and told ZDNet that since the vulnerabilities have now been patched, users can expect exploitation to go up.
Via ZDNet
Google has revealed that the latest release of its Chrome web browser fixes eleven security vulnerabilities,two of which are potentially serious zero-day exploits. Furthermore, the search giant disclosed that it was aware that two of the eleven bugs, tracked as CVE-2021-30632 and CVE-2021-30633, were being exploited in the wild. According…
Recent Posts
- ICYMI: the week’s 7 biggest tech stories, from Netflix enraging users to the Rabbit R1 disappointing all of us
- Samsung’s archrival strikes crucial partnership with Nvidia’s closest ally to deliver key next-gen memory — SK Hynix teams up with TSMC to advance HBM development but could this move encourage TSMC to become like Intel?
- As Google’s antitrust trial wraps, DOJ seeks sanctions over missing messages
- Microsoft needs some time to ‘refine’ updates for Copilot AI in Windows
- Sony Xperia 1 VI leak reveals new camera app and more features borrowed from Alpha cameras
Archives
- May 2024
- April 2024
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011