According to the latest reports, Google Chrome browser on October 28 pushed an emergency update version 95.0.4638.69, fixing two more serious Zero-day zero-day vulnerabilities. Currently, this update has been pushed to Chrome browsers for Windows, Mac, and Linux.
Google fixed the following two vulnerabilities:
- CVE-2021-38000 is about insufficient verification of untrusted input in Intents. The vulnerability was marked as severe and was discovered by the Google Security Threat Team on September 15.
- CVE-2021-38003 is a high severity “improper implementation” error in the Chrome V8 JavaScript engine. This vulnerability was discovered and reported on October 24.
Join RealMi Central on Telegram, Facebook & Twitter
Google said that these two vulnerabilities have been exploited by hackers, but did not elaborate on the specific methods of exploitation. Google advises users not to wait and update the browser immediately. In addition, this update of Chrome also fixes 5 other vulnerabilities.
Since 2021, Google has fixed 15 zero-day vulnerabilities in the Chrome browser. To update the browser, just open the settings, click About Chrome in the list in the lower-left corner, and the update will take effect automatically after restarting the browser.