As it put out the latest stable build of the cross-platform Chrome web browser (opens in new tab), Google noted that the build bundles eight security fixes, including one that it was aware was being exploited in the wild.
Six of the patched Chrome (opens in new tab) vulnerabilities have a High severity rating, and have been flagged by various cybersecurity (opens in new tab) researchers from around the world including its own Google Project Zero.
However the discovery of the zero-day vulnerability, tracked as CVE-2021-30563, is credited to an anonymous researcher and was originally reported earlier this week.
- We’ve rounded up the best anonymous browsers (opens in new tab)
- Protect your devices with these best antivirus software (opens in new tab)
- These are the best ransomware protection tools (opens in new tab)
“Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild,” Google said (opens in new tab) in its terse acknowledgement of the exploit.
Update without delay
Described as a type confusion bug in Google's open source (opens in new tab) WebAssembly and JavaScript (opens in new tab) engine, V8, Google didn’t share additional details about the vulnerability or how it was being exploited in the wild, and for good reason.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” observed Google as it urged users to update to the latest release.
Reporting on the patched security issues, BleepingComputer notes (opens in new tab) that CVE-2021-30563 brings the total number of patched zero-day vulnerabilities (opens in new tab) in Google’s web browser in 2021, to eight.
While unraveling four zero-day flaws (opens in new tab) in popular web browsers, members of Google’s Threat Analysis Group (TAG), recently observed that some of them were developed by a commercial surveillance company, which then sold them to different government-backed actors.
Meanwhile, the new Chrome release has begun rolling out in Chrome’s Stable channel and will become available to all users over the following days.
- Here's our choice of the best malware removal (opens in new tab) software on the market