On Monday, Google released Chrome 93.0.4577.82 for Linux, Mac, and Windows to resolve eleven security vulnerabilities including two being zero-day exploits.
In Chrome’s release notes, the company stated that Google is fully informed about the fact that the exploits for CVE-2021-30632 and CVE-2021-30633 exist in the wild. The update will be rolled out globally in the Stable desktop channel where Google says that it will be available to the general public in the forthcoming days.
You can manually check for any new updates on Chrome by going to Chrome menu > Help > About Google Chrome.
10 Zero-day vulnerabilities have been fixed in 2021
On September 8th, 2021 two zero-day vulnerabilities were disclosed to Google. Both of them are memory bugs and have been fixed with the recent Chrome 93.0.4577.82 update.
Most commonly these two bugs can crash the Google Chrome browser. However, the malicious actor can abuse them to carry out remote code execution, sandbox escapes, and other malicious activities.
Meanwhile, Google said both the bugs have been exploited in the wild but didn’t share any additional details concerning the attacks.
Adding these two vulnerabilities to the list, Google has patched a total of ten zero-day vulnerabilities in Chrome in 2021.
The 8 other vulnerabilities that Google fixed in the Chrome browser are:
- CVE-2021-21148: February 4th, 2021
- CVE-2021-21166: March 2nd, 2021
- CVE-2021-21193: March 12th, 2021
- CVE-2021-21220: April 13th, 2021
- CVE-2021-21224: April 20th, 2021
- CVE-2021-30551: June 9th, 2021
- CVE-2021-30554: June 17th, 2021
- CVE-2021-30563: July 15th, 2021
We suggest that you update your browser regularly. So, you don’t miss out on the latest features and security patches.
John Bambenek, principal threat hunter at Netenrich stated the most critical security threats are the browser bugs that are identified from exploitation in the wild.
Are you looking for more software news? Stay tuned for the latest software news from top tech industries.