Google has released Chrome 91 security update (91.0.4472.77) for Windows, Mac and Linux with fixes for 32 vulnerabilities.
An attacker could exploit these vulnerabilities to take control of impacted systems.
As part of the Chrome security update, Google patched 32 vulnerabilities in all, 8 of those are rated High severity and discovered by external researchers:
- CVE-2021-30521: Heap buffer overflow in Autofill.
- CVE-2021-30522: Use after free in WebAudio.
- CVE-2021-30523: Use after free in WebRTC.
- CVE-2021-30524: Use after free in TabStrip.
- CVE-2021-30525: Use after free in TabGroups.
- CVE-2021-30526: Out of bounds write in TabStrip.
- CVE-2021-30527: Use after free in WebUI.
- CVE-2021-30528: Use after free in WebAuthentication.
Moreover, the update addressed 8 Medium and 2 Low severity flaws also discovered by external researchers. None of the listed vulnerabilities had known public exploits at the time of the Google advisory.
Finally, Google also released Chrome 90 (91.0.4472.77) for Android.
- Google releases Chrome security update (90.0.4430.93)
- Chrome security update fixes zero-day (CVE-2021-21224) and 6 other vulnerabilities
- Chrome security update (89.0.4389.90) fixes zero-day exploited in the wild (CVE-2021-21193)
- Google patches Chrome zero-day (CVE-2021-21166) exploited in the wild
- Google patches Chrome zero-day (CVE-2021-21148) exploited in the wild