Google has released an update for its Chrome browser on Windows, Mac, and Linux that brings a total of seven security fixes. The patch list includes one for a zero-day vulnerability that has been exploited in the wild. The updated Chrome browser will roll out over the next few days, Google said in a notice. It is recommended that users install the update as soon as it reaches their devices. The search giant also credited and rewarded external security researchers who reported the vulnerabilities.
The updated Chrome browser is version 90.0.4430.85, according to the notice posted by Google via a blog post. The update is compatible with Windows, Mac and Linux devices.
The third vulnerability brought by the updated Chrome browser is defined as CVE-2021-21224, and it is type confusion in the V8 engine. There is also the CVE-2021-21225 out of bounds memory access vulnerability in the V8 engine and the CVE-2021-21226 use-after-free in the navigation.
Among the flaws that Google corrected and detailed in its review, CVE-2021-21224 has been exploited in the wild. However, there are no details on whether the issue affected regular Chrome users. Information on the remaining security fixes was also not provided.
“Access to bug details and links may be restricted until the majority of users are updated with a fix. We’ll also keep the restrictions if the bug exists in a third-party library that other projects similarly depend on, but that hasn’t been fixed yet, ”the company said.
Users can manually check for the latest update on their Chrome by going to the About Chrome settings on their devices. The browser, however, is updated automatically shortly after the deployment of its latest version on the enterprise side.
Why did LG abandon its smartphone business? We discussed this on Orbital, the Gadgets 360 podcast. Later (starting at 10:00 PM) we talk about the new co-op RPG shooter Outriders. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and anywhere you get your podcasts.