Google closes tenth zero-day leak in Chrome in 2021

Spread the love

Google has patched two newly found zero-day vulnerabilities in its browser with updates to Chrome. The vulnerabilities were exploited in practice. This brings the total number of zero-day vulnerabilities in Chrome for this year to ten.

The update brings Chrome to version 93.0.4577.82 on Windows, Mac systems, and Linux. Users can expect the new versions in the coming days and weeks. In total, Google is addressing 11 vulnerabilities, including the two zero-day vulnerabilities, which have been labeled CVE-2021-30632 and CVE-2021-30633.

Google reports that it is aware of the existence of exploits that abuse the zero-day vulnerabilities in practice. CVE-2021-30632 concerns an out-of-bounds write vulnerability in Chrome’s JavaScript engine V8. CVE-2021-30633 is a use-after-free error in the Indexed DB API. Both bugs allow code execution on vulnerable systems under certain circumstances. This is the ninth and tenth zero-day vulnerability that Google has closed in 2021.

You might also like
Exit mobile version