Google fixes sixth 'zero-day' of Chrome exploited in attacks

Google has released Chrome version 91.0.4472.101 for Windows, Mac and Linux which fixes fourteen vulnerabilities, one of them zero-day that had been used to carry out attacks and that has been identified as CVE-2021-30551.

The update is reaching all browser users and can be forced by accessing from the menu to Help > Information about Google. Although it is likely that the browser, in a reboot, has installed it silently and the corresponding patches are applied.

Exploited by the same people who exploited a vulnerability fixed yesterday by Microsoft

There are not too many details about this vulnerability corrected during the last hours, beyond its characteristics, as reported from Bleeping Computer: This is a problem in V8, Google's open source WebAssembly and JavaScript engine written in C ++. The vulnerability was discovered by Sergei Glazunov, a member of Google Project Zero.

Fixed vulnerability in Chrome affects Google's open source WebAssembly and JavaScript engine written in C ++

Work 933061 1920

This developer tested the 1000 most popular Chrome extensions and tells us how they affect browser performance

It so happens that another Mountain View employee, the director of Google's Threat Analysis Group, Shane Huntley, has confirmed in a tweet what this zero-day has been used by the same people who exploited the zero-day attack identified as CVE-2021-33742 that Microsoft fixed yesterday.

This problem fixed in Windows 10 with the Patch Tuesday June that solves fifty vulnerabilities. Among them, five of zero-day and one of them is that we are talking about. This problem, classified as critical, affected the Trident HTML engine and could affect different types of applications.

This is the sixth Chrome zero-day attack exploited in attacks during 2021.

© Best Of Giz India. All rights reserved. Distributed by . Distributed by