Google fixes Chrome zero-day (CVE-2021-30563) exploited in the wild

Google fixes Chrome zero-day (CVE-2021-30563) exploited in the wild

Google has released Chrome 91 security update 91.0.4472.164 for Windows, Mac and Linux with fixes for multiple High severity vulnerabilities, one of those a zero-day vulnerability CVE-2021-30563 exploited in the wild.

An attacker could exploit these vulnerabilities to take control of impacted systems.

The Chrome security update includes eight security fixes, six of those address High severity vulnerabilities (bold has known public exploit):

  1. CVE-2021-30559: Out of bounds write in ANGLE.
  2. CVE-2021-30541: Use after free in V8.
  3. CVE-2021-30560: Use after free in Blink XSLT.
  4. CVE-2021-30561: Type Confusion in V8.
  5. CVE-2021-30562: Use after free in WebSerial.
  6. CVE-2021-30563: Type Confusion in V8.

Google said it “is aware that an exploit for CVE-2021-30563 exists in the wild.” However, the tech giant did not share any details regarding the attacks.

In addition, Google also released Chrome 91 (91.0.4472.164) for Android.

Related Articles