PSA: Update Google Chrome now to fix two zero-day flaws

|
, ,

Google Chrome is probably the most widely used browser on the planet, and that’s precisely why it gets targeted so often. No browser or piece of software is perfect; after all, it’s all created by imperfect humans. Browsers like Chrome can have specific code written in such a way that leaves open doors or ways to exploit it.

Estimated reading time: 2 minutes

There are many different errors or flaws that can happen to browsers like Google Chrome, and the zero-day flaw is discovered and exploited on the same day. Often, security researchers find flaws and report them to the software maker, and they are patched before the flaw is known to a broader audience. This is the best-case scenario because it gives the software maker time to patch and users time to update before a hacker can exploit it.

In this case, the flaws were reported, but hackers already knew about them and are actively exploiting it in the wild. So this is why it’s crucial to drop what you’re doing and update Google Chrome now. Google has released an update that will patch both flaws, designated as CVE-2021-37975 and CVE-2021-37976.

As is usually the case, the tech giant has refrained from sharing any additional details regarding how these zero-day vulnerabilities were used in attacks until a majority of users are updated with the patches, but noted that it’s aware that “exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild.”

An anonymous researcher has been credited with reporting CVE-2021-37975. The discovery of CVE-2021-37976, on the other hand, involves Clément Lecigne from Google Threat Analysis Group, who was also credited with CVE-2021-37973, another actively exploited use-after-free vulnerability in Chrome’s Portals API that was reported last week, raising the possibility that the two flaws may have been stringed together as part of an exploit chain to execute arbitrary code.

The Hacker News

Have you updated Google Chrome? Please share your thoughts on any of the social media pages listed below. You can also comment on our MeWe page by joining the MeWe social network.

Google Chrome
Previous

7 Chrome extensions you should consider using

Three new BenQ MOBIUZ 165Hz QHD gaming monitors now available for pre-order

Next

Latest Articles

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap