Google Chrome update includes a “critical” security patch – so download it now

Google Chrome users have been urged to download and update their software with an emergency patch that fixes a potentially dangerous security vulnerability.

The company released Chrome 96.0.4664.110 for Windows, Mac, and Linux, to address a high-severity zero-day vulnerability to its web browser that has apparently already been exploited.

“Google is aware of reports that an exploit for CVE-2021-4102 exists in the wild,” the company said in a security advisory. “We would also like to thank all of the security researchers who worked with us during the development cycle to prevent security bugs from reaching the stable channel.”

Chrome Security Update

Google says the flaw, tagged CVE-2021-4102, has been reported anonymously and rates its severity as high.

This is a “use after free” vulnerability in the Chrome V8 JavaScript engine, which could allow third parties to hijack the program and execute external code.

The company also fixed four other security issues in its new release, three of which are also rated as high and one as “critical.”

This latest threat, CVE-2021-4098, discovered by Google Project Zero researcher Sergei Glazunov, involved insufficient data validation in Mojo, a collection of runtime libraries that support Chrome’s inter-process communication system.

The update can be installed by restarting your browser.

The news comes shortly after Google announced that it had reconfigured privacy and security settings in its latest beta version of Chrome in an effort to streamline the ability to delete data stored by websites. The company says the move will allow web browser users to better understand and manage their web privacy by providing more clarity on controlling a site’s storage settings.

Via MSPowerUser


Source link

Comments are closed.