A full month after patching a zero-day vulnerability in the Chrome browser that was actively exploited by hackers, Google today launched another zero-day vulnerability in the Chrome browser and said that the vulnerability has been widely used by hackers.
The search giant released Chrome 89.0.4389.72 for Windows, Mac and Linux on Tuesday, with 47 security fixes, the most serious of which is about the “object life cycle problem in audio”.
This vulnerability is numbered CVE-2021-21166, and it is one of two vulnerabilities reported by Microsoft browser vulnerability researcher Alison Huffman on February 11 last month.
Join Our RealMi Central Channel On Telegram
On February 4th, on the same day that the stable version of Chrome 88 was launched, Google also received a report of a separate object life cycle defect, which was also found in the audio component.
As there are no more details, it is unclear whether these two security flaws are related. Google admitted that an attack against the vulnerability exists, but did not share more details to allow most users to install fixes and prevent other threat actors from launching attacks against this zero-day vulnerability.
On February 4, Google released a fix for an actively developed heap buffer overflow defect (CVE-2021-21148) in its V8 JavaScript rendering engine.
In addition, Google last year also resolved five Chrome vulnerabilities that were actively exploited by hackers during the month from October 20 to November 12. Chrome users can update to the latest version by going to “Settings”> “Help”> “About Google Chrome” to reduce the risks associated with this vulnerability.
If you like our news and you want to see such news even further, then follow RealMi Central on Telegram, Twitter, Facebook (Page) (Group) & Instagram.