Chrome gets an update fixing a zero-day vulnerability

Get real time updates directly on you device, subscribe now.

Yesterday, June 9, developers from Google released another update with index 91.0.4472.101 for the Chrome browser on Windows, macOS and Linux platforms. This update fixes an issue with fourteen vulnerabilities, including the 0-day vulnerability CVE-2021-30551, which cybercriminals have already used to carry out their attacks. It is worth noting that the developers do not specify exactly how the vulnerability worked and by what method it was closed – it is only known that the culprit is the open source V8 engine for JavaScript, and the problem was discovered by a specialist from Google Project Zero.

Moreover, the new version of the browser has eliminated the second dangerous vulnerability CVE-2021-30544, which was caused by accessing memory after it was cleared in the transition cache. This memory is used when using the “Forward” and “Back” buttons to navigate through the pages of a particular site that have already been viewed. Initially, this vulnerability was assigned a critical severity level, since by accessing this section of memory it is possible to bypass absolutely all levels of browser protection by executing the code required by the attackers.

And although not yet half of this year has passed, for developers from Google this is already the sixth zero-day vulnerability that was quickly fixed. Accordingly, in order not to be a potential target for attackers who are aware of the current vulnerabilities, it is better to use the latest version of the browser, where all known holes have already been closed.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.