More Google Chrome exploits discovered in the wild, Updates issued.
Posted by: GuidePoint Security
Published 9/23/2021, 9:00am
Last week, Google issued an updated version of Google Chrome for Windows, Mac, and Linux to address eleven new security vulnerabilities, two of which are currently being exploited in the wild (CVE-2021-30632 and CVE-2021-30633). CVE-2021-30632 is an out-of-bounds write in the V8 JavaScript engine, and CVE-2021-30633 is a use-after-free bug in the Indexed DB API.
Researchers warn that these bugs could be used to perform remote code executions and sandbox escapes.
These two bugs bring the total number of zero-days fixed by Chrome in 2021 to ten.
Next Steps
Since researchers have discovered these bugs being exploited in the wild, Chrome users are advised to update systems immediately. By default, Google Chrome downloads updated versions as they become available, and in most cases, updates can be applied simply by relaunching the Chrome Browser.
GuidePoint Security