Chrome Zero Day Exploit Gets Fixed With Latest Update

May 19, 2021

Written by wukovits

Laptop showing Google search

On April 20, 2021, Google released Chrome 90.0.4430.85, designed to address a zero-day exploit hackers are currently taking advantage of, tracked as CVE-2021-21224. The patch also patches four other high severity security flaws that had previously been plaguing the most popular browser on the web. By the time you read these words, the latest version will be available for Windows, Mac and Linux users.

The other issues this latest patch addresses are tracked as follows:

  • CVE-2021-21222 (a heap buffer overflow in V8)
  • CVE-2021-21223 (an integer overflow in Mojo)
  • CVE-2021-21225 (an out of bounds memory access issue in V8)

Needless to say, with a quartet of serious to critical severity flaws being addressed, this is an update you don’t want to miss.

If there’s a silver lining to be found, it lies in the fact that by itself, the remote code execution allowed by this particular zero-day exploit doesn’t allow a hacker to escape from Chrome’s sandbox. That’s not much of a silver lining though. The company explained in a blog post about the matter, and as demonstrated via a recently released proof of concept, it can easily be chained with another exploit to allow it to escape the sandbox.

Google and a number of other giant tech firms have been scrambling this year. They’ve been addressing zero-day and high severity security flaws left and right, trying gamely to stay one step ahead of the hackers, or at least not fall too far behind them.

Kudos to Google for taking fast action here. Be sure to update to the latest version as soon as feasible. If the current pace of patching holds, this is going to be a very busy year for everyone. Buckle up, it appears that 2021 is going to be a wild ride indeed.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Key Considerations for Effective Cybersecurity Implementation

Consider this: In the realm of cybersecurity, things often get tangled in the web of "you should do it anyway" arguments. Yet, for busy business owners bombarded with daily "must-dos," deciphering the essentials from the fluff can feel like a cyber maze. We aim to...

Unlocking Small Business Success: The Impact of AI in a Digital Era

In the rapidly evolving business landscape, staying competitive necessitates embracing technological advancements. Artificial Intelligence (AI), once perceived as a luxury for larger enterprises, is now accessible to small businesses, offering new opportunities for...