Google has released Chrome 88 security update (89.0.4389.90) for Windows, Mac and Linux with fixes for five vulnerabilities. One of those vulnerabilities has been exploited in the wild (CVE-2021-21193).
An attacker could exploit these vulnerabilities to take control of impacted systems.
As part of the Chrome security update, Google patched five vulnerabilities in all, three High severity.
The three High severity patched vulnerabilities discovered by external researchers include:
- CVE-2021-21191*: Use after free in WebRTC.
- CVE-2021-21192: Heap buffer overflow in tab groups.
- CVE-2021-21193: Use after free in Blink.
Of special note, Google warned it is “aware of reports that an exploit for CVE-2021-21193 exists in the wild.”
Organizations should update Chrome installations immediately.