Chrome security update fixes zero-day (CVE-2021-21224) and 6 other vulnerabilities

Chrome security update fixes zero-day CVE-2021-21224

Google has released Chrome 90 security update 90.0.4430.85 for Windows, Mac and Linux with a fix for one vulnerability CVE-2021-21224 exploited in the wild and patches for six other vulnerabilities.

An attacker could exploit these vulnerabilities to take control of impacted systems.

As part of the Chrome security update, Google patched seven vulnerabilities, five rated High severity vulnerabilities as noted below (emphasis in bold for CVE exploited in wild):

  • CVE-2021-21222: Heap buffer overflow in V8.
  • CVE-2021-21223: Integer overflow in Mojo.
  • CVE-2021-21224: Type Confusion in V8 (exploited in wild)
  • CVE-2021-21225: Out of bounds memory access in V8.
  • CVE-2021-21226: Use after free in navigation.

Moreover, Google also updated Chrome OS 90.0.4430.86 (Platform version: 13816.55.0) for most Chrome OS devices.

Related Articles

Tags: , , ,