2 New Chrome 0-Days Under Attack — Update Your Browser ASAP! – Tempemail

Chrome 0-Days Under Attack

Google on Tuesday released a new version of Chrome web-browsing software for Windows, Mac, and Linux with fixes for two security vulnerabilities, both of which it says are under active exploitation.

One of the two flaws concerns an insufficient validation of untrusted input in its V8 JavaScript rendering engine (CVE-2021-21220), which was demonstrated by Dataflow Security’s Bruno Keith and Niklas Baumstark at the Pwn2Own 2021 hacking contest last week.

password auditor

While Google moved to fix the flaw quickly, security researcher Rajvardhan Agarwal published a working exploit over the weekend by reverse-engineering the patch that the Chromium team pushed to the open-source component, a factor that may have played a crucial role in the release.

Also resolved by the company is a use-after-free vulnerability in its Blink browser engine (CVE-2021-21206). An anonymous researcher has been credited with reporting the flaw on April 7.

Chrome 0-Days Under Attack

“Google is aware of reports that exploits for CVE-2021-21206 and CVE-2021-21220 exist in the wild,” Chrome Technical Program Manager Prudhvikumar Bommana noted in a blog post.

password auditor

With this update, Google has fixed five flaws in Chrome that have been under attack since the start of the year, including CVE-2021-21148, CVE-2021-21166, and CVE-2021-21193.

Chrome 89.0.4389.128 is expected to roll out in the coming days. Users can update to the latest version by heading to Settings > Help > About Google Chrome to mitigate the risk associated with the flaws.

'+l+'...
'+n+"...
"}r+="http://thehackernews.com/",document.getElementById("result").innerHTML=r}}),e=window,t=document,r="script",s="stackSonar",e.StackSonarObject=s,e[s]=e[s]"http://thehackernews.com/"function(){(e[s].q=e[s].q"http://thehackernews.com/"[]).push(arguments)},e[s].l=1*new Date,a=t.createElement(r),n=t.getElementsByTagName(r)[0],a.async=1,a.src="https://www.stack-sonar.c/ping.js",n.parentNode.insertBefore(a,n),stackSonar("stack-connect","233"),o=!0)})}); //]]>

Try tempemail.co and you can view content, post comments or download something anonymously on Internet and anti virus to discover the whole new IT world. 10 minutes Tempemail – Also known by names like : 10minemail, 10minutemail, 10mins email, Tempemail 10 minutes, 10 minute e-Tempemail, 10min Tempemail, 10minute email or 10 minute temporary email. 10 minute email address is a disposable temporary email that self-destructed after a 10 minutes. https://tempemail.co/– is most advanced throwaway email service that helps you avoid spam and stay safe.

Related Post