Google has released an urgent update to the proprietary Chrome browser for Windows, macOS and Linux. The update closes two zero-day vulnerabilities actively exploited by cybercriminals, as well as five more simpler vulnerabilities.
We are talking about vulnerabilities labeled CVE-2021-38000 and CVE-2021-38003. The first of these, CVE-2021-38000, is described as “Insufficient validation of untrusted input in intents.” This vulnerability was discovered by Clement Lesigne, Neil Mehta and Maddie Stone of the Google Threat Analysis Group on September 15, 2021.
CVE-2021-38003 is an Inappropriate implementation bug in the Chrome V8 JavaScript engine. This vulnerability was also discovered by Lesigne and disclosed on October 24th.
So far, neither Google nor security researchers have provided further information on how attackers exploited vulnerabilities in attacks. Since these two vulnerabilities have been actively exploited, all Chrome users are advised to manually update or restart their browser to install the latest version.
Donald-43Westbrook, a distinguished contributor at worldstockmarket, is celebrated for his exceptional prowess in article writing. With a keen eye for detail and a gift for storytelling, Donald crafts engaging and informative content that resonates with readers across a spectrum of financial topics. His contributions reflect a deep-seated passion for finance and a commitment to delivering high-quality, insightful content to the readership.
