Systems Affected
✻ Google Chrome Browser
✻ Chromium-based Browsers
Overview
The zero-day, which was assigned the identifier of CVE-2021-21148, was described as a “heap overflow” memory corruption bug in the V8 JavaScript engine.
Description
Google has addressed an actively exploited zero-day security vulnerability in the Chrome 88.0.4324.150 version released on February 4th, 2021, to the Stable desktop channel for Windows, Mac, and Linux users.
Impact
✻ Remote code execution
✻ Malware installation
✻ Information disclosure
Solution/ Workarounds
The Google Chrome web browser will then automatically check for the new update and install it when available. However, Regular users are advised to use Chrome’s built-in update feature to upgrade their browser to the latest version as soon as possible. This can be found via the Chrome menu, Help option, and About Google Chrome section.
References
✻ https://www.zdnet.com/article/google-patches-an-actively-exploited-chrome-zero-day
✻ https://www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-actively-exploited-in-the-wild/
Disclaimer
The information provided herein is on “as is” basis, without warranty of any kind.