Google has released Chrome 91 security update 91.0.4472.164 for Windows, Mac and Linux with fixes for multiple High severity vulnerabilities, one of those a zero-day vulnerability CVE-2021-30563 exploited in the wild.
An attacker could exploit these vulnerabilities to take control of impacted systems.
The Chrome security update includes eight security fixes, six of those address High severity vulnerabilities (bold has known public exploit):
- CVE-2021-30559: Out of bounds write in ANGLE.
- CVE-2021-30541: Use after free in V8.
- CVE-2021-30560: Use after free in Blink XSLT.
- CVE-2021-30561: Type Confusion in V8.
- CVE-2021-30562: Use after free in WebSerial.
- CVE-2021-30563: Type Confusion in V8.
Google said it “is aware that an exploit for CVE-2021-30563 exists in the wild.” However, the tech giant did not share any details regarding the attacks.
In addition, Google also released Chrome 91 (91.0.4472.164) for Android.
- Microsoft July 2021 Security Updates includes fixes for 13 Critical RCEs, 3 zero-day vulnerabilities
- Google fixes Chrome zero-day (CVE-2021-30554) exploited in the wild
- Google fixes Chrome zero-day (CVE-2021-30551) exploited in the wild
- Google releases Chrome security update (91.0.4472.77)
- Chrome security update fixes zero-day (CVE-2021-21224) and 6 other vulnerabilities
- Chrome security update (89.0.4389.90) fixes zero-day exploited in the wild (CVE-2021-21193)