Google has released Chrome 94 security update (94.0.4606.61) with a fix for one zero-day vulnerability under attack.
An attacker could exploit these vulnerabilities to take control of impacted systems.
The Chrome 94 security update patched one High severity ‘Use after free Portals’ vulnerability CVE-2021-37973. The issue was reported by Clément Lecigne from Google Threat Analysis Group (TAG), with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero.
Google has confirmed that an “exploit for CVE-2021-37973 exists in the wild.”