As it put out the latest stable build of the cross-platform Chrome web browser, Google noted that the build bundles eight security fixes, including one that it was aware was being exploited in the wild.
However the discovery of the zero-day vulnerability, tracked as CVE-2021-30563, is credited to an anonymous researcher and was originally reported earlier this week.
- We’ve rounded up the best anonymous browsers
- Protect your devices with these best antivirus software
- These are the best ransomware protection tools
“Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild,” Google said in its terse acknowledgement of the exploit.
Update without delay
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” observed Google as it urged users to update to the latest release.
While unraveling four zero-day flaws in popular web browsers, members of Google’s Threat Analysis Group (TAG), recently observed that some of them were developed by a commercial surveillance company, which then sold them to different government-backed actors.
Meanwhile, the new Chrome release has begun rolling out in Chrome’s Stable channel and will become available to all users over the following days.
- Here's our choice of the best malware removal software on the market