Google has released Chrome 90 security update (90.0.4430.93) for Windows, Mac and Linux with fixes for 9 vulnerabilities.
An attacker could exploit these vulnerabilities to take control of impacted systems.
As part of the Chrome security update, Google patched 9 vulnerabilities in all, 3 of those rated High severity.
The 3 High severity vulnerabilities patched and discovered by external researchers include:
- CVE-2021-21227: Insufficient data validation in V8.
- CVE-2021-21232: Use after free in Dev Tools.
- CVE-2021-21233: Heap buffer overflow in ANGLE.
None of the listed vulnerabilities had known public exploits at the time of the Google advisory.
Finally, Google also released Chrome 90 (90.0.4430.91) for Android.
- Chrome security update fixes zero-day (CVE-2021-21224) and 6 other vulnerabilities
- Chrome security update (89.0.4389.90) fixes zero-day exploited in the wild (CVE-2021-21193)
- Google patches Chrome zero-day (CVE-2021-21166) exploited in the wild
- Google patches Chrome zero-day (CVE-2021-21148) exploited in the wild