Google patches Chrome zero-day (CVE-2021-21148) exploited in the wild

Google patches Chrome zero-day (CVE-2021-21148) exploited in the wild

Google has released a new Chrome 88 security update (88.0.4324.150) for Windows, Mac and Linux with a fix for a zero-day vulnerability CVE-2021-21148 exploited in the wild.

An attacker could exploit this vulnerability to take control of impacted systems.

As part of the Chrome security update, Google patched one High severity ‘Heap buffer overflow in V8’ vulnerability CVE-2021-21148. Moreover, Google and third party researchers confirmed the vulnerability is being exploited in the wild.

The zero-day vulnerability was reported by security researcher Mattias Buelens on January 24, 2021.

Just two days later, Google warned of North Korean hackers targeting security researchers involved in finding zero-day threats in new cyber campaign. However, there was not yet any confirmation of direct links to the recent zero-day attacks.

The new patch was released just days after the recent Chrome security update 88.0.4324.146 that patched six other vulnerabilities, one of those rated Critical.

Related Articles