Serious Google Chrome Zero-Day Exploits Fixed; Update Your Browser Now
By: Jim Stickley and Tina Davis
March 15, 2021
Google is in the news today and within a month of the last time regarding a more and more familiar topic. That is another zero-day flaw in its Chrome browser. This one is also being actively exploited. And as is usual protocol with Google, very little information is being provided at the moment. The company is waiting until the majority of users get their browsers updated before providing too many juicy details to would-be attackers.
This issue involves a “use after free” vulnerability in the Blink rendering engine. It’s not really important that you know what that means. It is, however, very important that your browser get updated right away. A fix was already released and addresses this issue as well as four other security fixes. All users should verify the version of Chrome being used. You can find it by clicking on “Chrome >> About Google Chrome” and make sure it’s 89.0.4389.90. Chrome does not require you to actively download any updates, but you do have to restart your browser to get it to load. So, as soon as possible, save any tabs you have open and restart it to make sure it gets applied.
Fixed earlier this month was an issue with the “object lifecycle issue in audio" (CVE-2021-21166). Again, it’s not so important you understand the details, it’s just important to make sure you update the browser. In February, there was another actively exploited vulnerability with its V8 JavaScript rendering engine (CVE-2021-21148). All of these should be fixed by version 89.0.4389.90.
If you want more information on this, you can refer to CVE-2021-21193. This affects MacOS, Windows, and Linux.