Google Chrome: Emergency Update Fixes Serious Bugs

An emergency update of Chrome for Windows, Mac and Linux was released on Thursday (28) by Google. It fixes two serious zero-day flaws that have been exploited by intruders lately, according to the search giant.

Attributed with a high severity level, the CVE-2021-3800 fault is presented as an “Insufficient validation of unreliable input to the Intents resource”. It was discovered on September 15 by Google Threat Analysis Group (TAG) experts Clement Lecigne, Maddie Stone and Neel Mehta.

Identified by Lecigne last Sunday (24), the CVE-2021-38003 vulnerability is the other bug fixed by this new Google Chrome 95 update. It is an inadequate implementation bug in the browser’s JavaScript V8 engine, also classified as of high gravity.

The update started to arrive for all users.Source: André Dias/TecMundo

The Mountain View company did not provide further details as to how the flaws were exploited in recent cyber attacks, as is customary in these cases. The groups that would be behind these malicious campaigns were also not disclosed.

How to update the browser

As the vulnerabilities discovered by Google experts have been used in recent cyber attacks, it is recommended that browser users update as soon as it becomes available. It has already started to be distributed, and should reach everyone in the next few days.

You can install the Chrome 95.0.4638.69 update manually, if it is released, by opening the “Settings” menu, clicking “Help” and then “About Google Chrome”. The browser itself also checks for updates frequently, performing the installation automatically when the program is restarted.

The now released update is in addition to another 13 fixes for zero-day vulnerabilities in Chrome shipped by the company in 2021. These builds help mitigate potential risks of exploiting the bugs and therefore need to be installed whenever available.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *