[ad_1]
Google has launched Chrome 96.0.4664.110 for Home windows, Mac, and Linux, to deal with a high-severity zero-day vulnerability exploited within the wild.
“Google is conscious of experiences that an exploit for CVE-2021-4102 exists within the wild,” the browser vendor stated in at present’s safety advisory.
Though the corporate says this replace might take a while to achieve all customers, the replace has already begun rolling out Chrome 96.0.4664.110 worldwide within the Secure Desktop channel.
The replace was out there instantly when BleepingComputer checked for brand spanking new updates from Chrome menu > Assist > About Google Chrome. The browser may even auto-check for current updates and replace itself robotically after the following launch.
Zero-day exploitation particulars not revealed
The zero-day bug mounted at present, tracked as CVE-2021-4102, was reported by an nameless safety researcher and is a use after free weak spot in the Chrome V8 JavaScript engine.
Attackers generally exploit use after free bugs to execute arbitrary code on computer systems operating unpatched Chrome variations or escape the browser’s safety sandbox.
Whereas Google stated it detected within the wild assaults abusing this zero-day, it didn’t share more information concerning these incidents.
“Entry to bug particulars and hyperlinks could also be stored restricted till a majority of customers are up to date with a repair,” Google added.
“We may even retain restrictions if the bug exists in a 3rd occasion library that different tasks equally rely upon, however have not but mounted.”
Till the browser vendor releases extra particulars concerning this bug’s within the wild exploitation, customers ought to have sufficient time to improve Chrome and forestall exploitation makes an attempt.
Sixteenth Chome zero-day mounted this yr
With this replace, Google has addressed 16 Chrome zero-day vulnerabilities for the reason that begin of the yr.
The opposite 15 zero-days patched in 2021 are listed beneath:
As a result of this zero-day is thought to have been utilized by attackers within the wild, putting in at present’s Google Chrome replace is strongly really useful as quickly because it’s out there.
[ad_2]
