Discovery Of A Zero-day Vulnerability In Chrome, Already Actively Exploited

Google has released Chrome version 89.0.4389.72 containing the patch for a severe zero-day vulnerability already actively used in the wild. It is, therefore, essential to update the browser immediately.

On the occasion of the release of the latest Chrome, 89.0.4389.72, Google corrected a dangerous zero-day vulnerability already actively exploited in some attacks (in total, the latest version of the browser fixes 47 security vulnerabilities reported by external researchers).

Google has not released further technical details on Chrome’s zero-day vulnerability at this time to allow most users to install fixes and take necessary countermeasures to prevent other threat actors from exploiting this zero-day.

It is only known that the vulnerability, reported on February 11 by researcher Alison Huffman of Microsoft Browser Vulnerability Research, has been identified as CVE-2021-21166 and classified with a danger index by Google itself.

A Zero-day Vulnerability in Chrome: Let’s Install the Patch right away

It is therefore essential to promptly update the version of Google Chrome installed on your computer.

The new desktop version 89.0.4389.72 of Chrome has been released in the Stable channel and is already being rolled out for all Windows, Mac, and Linux users.

This means that the browser will automatically check for the recent update’s availability and install it as soon as it is available.

Alternatively, it is possible to manually install the update to Chrome 89 by accessing the Settings menu and clicking first on Help and then on About Google Chrome: if the latest version of the browser is already available, installation will be proposed.

Chrome’s Second Zero-day Corrected this year

With this vulnerability, Google has already corrected two zero-days in Chrome since the beginning of the year.

On February 4, the company released a fix for a heap buffer overflow flaw (CVE-2021-21148, also actively exploited) in Chrome’s V8 JavaScript rendering engine.

Last year, Google had already taken steps to fix five other zero-day vulnerabilities actively exploited between October 20 and November 12, 2020.

This shows, once again, how important it is to keep the software installed on your machine up-to-date: the patching activity is complex, but if adequately adopted, especially in the business environment, it can bring benefits in economic and security terms.

Recent Articles

BitLocker, How To Protect Data On Hard Drives And SSDs And Ask For A Password At Startup

Design BitLocker on TPM-empowered frameworks to incite for a PIN when you turn on the machine. In the GDPR period, BitLocker ought to be...

Paid Surveys 2023: The Best Online Sites And Apps Of The Moment

Earning online is anyone's dream: sitting comfortably in an armchair at home, being able to stay at the computer and carry out activities that...

Edit PDFs And Even Turn Them Into Word Documents With Nuance Power PDF 2

You must use professional software to get excellent results in editing PDF and converting documents to Word format. We tested Nuance Power PDF 2...

Android Parental Control, How To Activate It?

How to prevent certain types of websites from being viewed from an Android mobile device? How to block access to certain Android apps and...

3 Reasons To Sell A House With YouTube

Previews of videos published on Youtube are often integrated directly into the articles. In this way, the user can limit himself to reading the...

Related Stories