March 21, 2023

Google released Chrome 95.0.4638.69 for Windows, Mac, and Linux to fix two zero-day vulnerabilities that attackers actively exploited.

Google is aware that exploits for CVE-2021-38000 and CVE-2021-38003 exist in nature, Google revealed in the list of security fixes in today’s Google Chrome release.

While Google says the new version may take a while to reach everyone, the update has already started rolling out Chrome 95.0.4638.69 to users around the world in the Stable Desktop channel.

This version of Chrome fixes a total of seven vulnerabilities, two of which are zero-day vulnerabilities known to have been exploited in the wild.

Advertisements

The first zero-day, followed as CVE-2021-38000, is described as “insufficient validation of unreliable intents entries” and has been assigned a high severity rating. The second day zero, followed as CVE-2021-38003, is a high severity “Inappropriate Implementation” bug in the Chrome V8 JavaScript engine.

As usual, google or the researchers have not provided further details on how the threat actors used the vulnerabilities in the attacks. Since both vulnerabilities have been used in attacks, it is suggested that all Chrome users perform a manual upgrade or restart their browser to install the latest version.

Google fixed 15 zero-day vulnerabilities in Chrome since the start of 2021.

The thirteen other zero-days corrected this year are listed below:

  • CVE-2021-21148 – February 4, 2021
  • CVE-2021-21166 – March 2, 2021
  • CVE-2021-21193 – March 12, 2021
  • CVE-2021-21220 – April 13, 2021
  • CVE-2021-21224 – April 20, 2021
  • CVE-2021-30551 – June 9, 2021
  • CVE-2021-30554 – June 17, 2021
  • CVE-2021-30563 – July 15, 2021
  • CVE-2021-30632 and CVE-2021-30633 – September 13
  • CVE-2021-37973 – September 24, 2021
  • CVE-2021-37976 and CVE-2021-37975 – September 30, 2021

Since Google now offers Chrome updates to fix zero days as they are reported, users are strongly advised not to block updates and install new versions as soon as possible. that they are available.

To install the Chrome update immediately, go to Chrome menu > To help > About Google Chrome, and the browser will start to update.

Tags:

Leave a Reply

You may have missed

DotRunpeX – Malware Injector Spreads in Wild

DotRunpeX – Malware Injector Spreads in Wild

March 21, 2023
Killnet Targets Healthcare Azure Resources

Killnet Targets Healthcare Azure Resources

March 21, 2023
NBA suffers a Data Breach – Third Party Provider Data Stolen

NBA suffers a Data Breach – Third Party Provider Data Stolen

March 21, 2023
Ferrari – Cyber Attack Ransom Demanded

Ferrari – Cyber Attack Ransom Demanded

March 21, 2023
ForgeRock new Passwordless Service

ForgeRock new Passwordless Service

March 20, 2023
New Decryptor for Conti Ransomware Released

New Decryptor for Conti Ransomware Released

March 20, 2023
%d bloggers like this: