Google Chrome patches yet another serious security vulnerability

(Image credit: Pixabay)
Audio player loading…

As it put out the latest stable build of the cross-platform Chrome web browser (opens in new tab), Google noted that the build bundles eight security fixes, including one that it was aware was being exploited in the wild. 

Six of the patched Chrome (opens in new tab) vulnerabilities have a High severity rating, and have been flagged by various cybersecurity (opens in new tab) researchers from around the world including its own Google Project Zero.

However the discovery of the zero-day vulnerability, tracked as CVE-2021-30563, is credited to an anonymous researcher and was originally reported earlier this week.

“Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild,” Google said (opens in new tab) in its terse acknowledgement of the exploit.

Update without delay

Described as a type confusion bug in Google's open source (opens in new tab) WebAssembly and JavaScript (opens in new tab) engine, V8, Google didn’t share additional details about the vulnerability or how it was being exploited in the wild, and for good reason.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” observed Google as it urged users to update to the latest release. 

Reporting on the patched security issues, BleepingComputer notes (opens in new tab) that CVE-2021-30563 brings the total number of patched zero-day vulnerabilities (opens in new tab) in Google’s web browser in 2021, to eight.

While unraveling four zero-day flaws (opens in new tab) in popular web browsers, members of Google’s Threat Analysis Group (TAG), recently observed that some of them were developed by a commercial surveillance company, which then sold them to different government-backed actors.

Meanwhile, the new Chrome release has begun rolling out in Chrome’s Stable channel and will become available to all users over the following days. 

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.