Google has released an update for the Chrome browser (version Chrome 96.0.4664.110) to patch a critical zero-day vulnerability that was exploited in the wild and other four security flaws.
The latest update is for all these platforms:-
- Windows
- Mac
- Linux
Details of the Zero-day Exploit
An anonymous security expert reported this bug. This zero-day bug is a Use-After-Free (UAF) weakness in Chrome V8 JavaScript engine and it’s been tracked as CVE-2021-4102.
Systems running the unpatched version of Chrome are vulnerable to this zero-day bug, and by exploiting this flaw an attacker can execute arbitrary code and also evade the security sandbox of the browser.
For security reasons, Google has not provided any information regarding this zero-day vulnerability, as Google claims it will prevent the attackers from further exploiting this bug.
Users are recommended to upgrade to the latest version of Chrome to avoid any exploitation of this bug in the wild.
How to update?
Follow these steps to check for the new update and update
- Go to the Menu option in Chrome.
- Select Help option.
- Then select About Google Chrome.
