Homepage > Google fixes serious security flaws in Chrome

Google fixes serious security flaws in Chrome

Google has revealed that the latest version of its Chrome web browser fixes eleven security vulnerabilities, two of which are potentially serious zero-day exploits.

Additionally, the research giant revealed that it knew two of the eleven bugs, tracked as CVE-2021-30632 and CVE-2021-30633, were being exploited in the wild.

According to official release notes, both zero days are memory bugs. It classifies CVE-2021-30632 as an out of bounds write in V8 browsers Javascript engine, while CVE-2021-30633 is tagged as a “use after free” bug in Indexed DB API, which is a JavaScript API for handling a NoSQL database JSON objects.

Interestingly, these two zero-days were the only vulnerabilities listed as having been submitted anonymously on September 8.

Although Google has admitted that zero days are exploited in the wild, it has not shared any details about the attacks.

Output report, Bleeping Computer Shares that while memory bugs often lead to browser crashes, they can be exploited to execute remote code, sandbox escapes, and other malicious activity.

Apparently these two zero-days bring the total number of zero-day vulnerabilities fixed in Chrome Web browser in 2021 to ten.

“This step highlights the focus of bad actors on browser exploits, with Chrome clearly becoming a favorite, allowing a streamlined way to access millions of devices regardless of operating system,” said said Kevin Dunne, president of cybersecurity provider Pathlock, shared with ZDNet.

John Bambenek, Senior Threat Hunter at Netenrich got a head start and said ZDNet that since the vulnerabilities have now been patched, users can expect increased exploitation.

Going through ZDNet

Similar Posts:

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on Top - Get the daily news in your inbox

Recent Articles

Most Popurlar

Trending this Week

Similar Posts: