Google has released Chrome 94.0.4606.71 for Windows, Mac, and Linux, to fix two zero-day vulnerabilities that have been exploited by attackers. This is the second pair of zero days that Google’s fixed this month, all four of which have been actively exploited in the wild.
Google has pushed out an emergency Chrome update to fix yet another pair of zero days – the second pair this month – that are being exploited in the wild.
“Google is aware the exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild,” Google disclosed with the release of the browser fixes.
CVE-2021-37976 is described as an “information leak in core” and was assigned a Medium severity level. It was discovered by Google’s Threat Analysis Group (TAG).