Yesterday, June 9, developers from Google released another update with index 91.0.4472.101 for the Chrome browser on Windows, macOS and Linux platforms. This update fixes an issue with fourteen vulnerabilities, including the 0-day vulnerability CVE-2021-30551, which cybercriminals have already used to carry out their attacks. It is worth noting that the developers do not specify exactly how the vulnerability worked and by what method it was closed – it is only known that the culprit is the open source V8 engine for JavaScript, and the problem was discovered by a specialist from Google Project Zero.
Chrome in-the-wild vulnerability CVE-2021-30551 patched today was also from the same actor and targeting.
Thanks to Chrome team for also patching within 7 days.https://t.co/1RDbbuiBfY https://t.co/Ap9dEq98Cy
— Shane Huntley (@ShaneHuntley) June 9, 2021
Moreover, the new version of the browser has eliminated the second dangerous vulnerability CVE-2021-30544, which was caused by accessing memory after it was cleared in the transition cache. This memory is used when using the “Forward” and “Back” buttons to navigate through the pages of a particular site that have already been viewed. Initially, this vulnerability was assigned a critical severity level, since by accessing this section of memory it is possible to bypass absolutely all levels of browser protection by executing the code required by the attackers.
And although not yet half of this year has passed, for developers from Google this is already the sixth zero-day vulnerability that was quickly fixed. Accordingly, in order not to be a potential target for attackers who are aware of the current vulnerabilities, it is better to use the latest version of the browser, where all known holes have already been closed.
Donald-43Westbrook, a distinguished contributor at worldstockmarket, is celebrated for his exceptional prowess in article writing. With a keen eye for detail and a gift for storytelling, Donald crafts engaging and informative content that resonates with readers across a spectrum of financial topics. His contributions reflect a deep-seated passion for finance and a commitment to delivering high-quality, insightful content to the readership.