Lately, Google rolled out an urgent security patch for Chrome 95.0.4638.69 versions for Windows, Linux, and Mac OS. The latest Chrome update also brings fixes for two zero-day vulnerabilities that are being exploited in the wild.
While the tech company said it is aware that there are two vulnerabilities tracked as CVE-2021-38000 and CVE-2021-38003 being exploited, it didn’t offer any details on how the two vulnerabilities were utilized in attacks.
The company also disclosed the list of security fixes in its blog post.
The first zero-day tracked as CVE-221-38000 is a high severity level vulnerability, reported as an “Insufficient validation of untrusted input in Intents”
And, the second zero-day tracked as CVE-2021-38003 is also a high severity level vulnerability, reported as a case of an “Inappropriate implementation” bug in the Chrome V8 JavaScript and WebAssembly engine.
The search engine giant’s Threat Analysis Group (TAG) has been credited to discover and report the first zero-day and second zero-day vulnerabilities on the 15th of September and 26th of October respectively.
Meanwhile, Google has begun rolling out Chrome 95.0.4638.69 to users globally in the Stable Desktop channel.
To update your Chrome browser, simply navigate to Chrome menu> Help> About Google Chrome. Now, the browser will perform the update.
Once the update finishes, the browser will automatically restart and now you are good to go.
For some users, the update will automatically be available when they launch the browser next time. It will take some time before the update reaches everyone.
Google Patched 15 Chrome zero-day vulnerabilities in 2021
With the fix for the recent two vulnerabilities tracked as CVE-2021-38000 and CVE-2021-38003, Google has patched 15 Chrome zero-day vulnerabilities till now in 2021
The 13 other vulnerabilities that Google fixed in the Chrome browser are:
- CVE-2021-21148: February 4th, 2021
- CVE-2021-21166: March 2nd, 2021
- CVE-2021-21193: March 12th, 2021
- CVE-2021-21220: April 13th, 2021
- CVE-2021-21224: April 20th, 2021
- CVE-2021-30551: June 9th, 2021
- CVE-2021-30554: June 17th, 2021
- CVE-2021-30563: July 15th, 2021
- CVE-2021-30632 and CVE-2021-30633 – September 13th
- CVE-2021-37973 – September 24th, 2021
- CVE-2021-37976 and CVE-2021-37975 – September 30th, 2021
We suggest our readers regularly update their browsers and operating systems as a part of best security practices.
Are you looking for more software news? Stay tuned for the latest software news from top tech industries.