Google has released Chrome 96 security update (96.0.4664.110) for Windows, Mac and Linux with a fix for one High risk vulnerability exploited in the wild.
An attacker could exploit these vulnerabilities to take control of impacted systems.
The Chrome security update patched 5 vulnerabilities in all, to include one Critical vulnerability and 4 High severity vulnerabilities, each discovered by external researchers (those in bold have exploits in the wild):
- CVE-2021-4098: Insufficient data validation in Mojo (Critical).
- CVE-2021-4099: Use after free in Swiftshader (High).
- CVE-2021-4100: Object lifecycle issue in ANGLE (High).
- CVE-2021-4101: Heap buffer overflow in Swiftshader (High).
- CVE-2021-4102: Use after free in V8 (High).
Google is also aware of reports that “an exploit for CVE-2021-4102 exists in the wild.”
- Microsoft December 2021 Security Updates includes fix for zero-day exploit used to spread Emotet malware
- Apples releases security updates for iOS 15.2, macOS Big Sur 11.6.2, macOS Monterey 12.1 and other products
- Google releases Chrome 96 security update (96.0.4664.45) with fixes for 25 vulnerabilities
- Google releases Chrome 95 security update (95.0.4638.69) with fixes for 2 High risk zero-days exploited in the wild