Google has released a Chrome browser update for Windows, Mac, and Linux that includes seven security enhancements. One of the patches addresses a zero-day flaw that has been abused in the wild.
According to the advisory published on Google’s site, the latest Chrome browser is version 90.0.4430.85. The update is available for Windows, Mac OS X, and Linux.
The CVE-2021-21224 bug, which Google has patched and outlined in its advisory, has been exploited in the wild. However, there are no reports about whether or not the problem has affected daily Chrome users. There was also no information about the remaining security updates.
CVE-2021-21224 is the third vulnerability introduced by the modified Chrome browser, and it is a form confusion in the V8 engine. There’s also the V8 engine’s CVE-2021-21225 out-of-bounds memory access flaw and navigation’s CVE-2021-21226 use-after-free flaw.
Google said in an advisory that the new Chrome browser will be available in the coming days. It is recommended that users install the update as soon as it is available. External security researchers who identified the flaws were also credited and compensated by Google.