Google has released an updated model of its Chrome web browser following reports of a zero-day vulnerability currently being exploited in the wild.
The vulnerability, marked as higher risk, was noted on 24 January by security researcher Mattias Buelens, who is also a guide program architect on THEOplayer.
Google Chrome specialized software manager Srinivas Sista claimed that the tech giant is “aware of reports that an exploit for CVE-2021-21148 exists in the wild”. He didn’t provide any additional facts about the zero-working day vulnerability because of to risk of further more exploitation, noting that the vast majority of people hadn’t however been up-to-date with a fix.
Even so, ZDNet notes that the date on which Google states the bug was documented, January 24, is just two times soon after Google’s Menace Assessment Group reported a hacking campaign carried out by North Korean hackers from the cyber security local community. It is considered this campaign may possibly have relied on zero-working day exploits in Chrome and Internet Explorer.
Chrome variation 88..4324.150 has started to roll out to users across Windows, Mac and Linux systems. Users can look at if their Chrome browser is up to day by adhering to these ways:
- Eco-friendly suggests the update it much less than two days outdated
- Orange means the update is about 4 days old
- Red indicates the update is a the very least a 7 days old
Google was compelled to offer with one more Chrome zero-working day vulnerability in October of very last calendar year, when its Job Zero security crew discovered that hackers were exploiting the bug to attack Chrome users’ systems.
The vulnerability, a memory corruption bug in the FreeType font-rendering library, prompted the tech giant to release the Chrome OS 86..4240.112 update, which addressed the detected zero-day security flaw on Google Chromebooks.
Some parts of this short article are sourced from: