Google has released Chrome 91 security update 91.0.4472.114 for Windows, Mac and Linux with fixes for multiple High severity vulnerabilities, one of those a zero-day vulnerability CVE-2021-30554 exploited in the wild.
An attacker could exploit these vulnerabilities to take control of impacted systems.
As part of the Chrome security update, Google patched four High severity vulnerabilities in all (CVE highlighted in bold with known exploit in wild):
- CVE-2021-30554: Use after free in WebGL.
- CVE-2021-30555: Use after free in Sharing.
- CVE-2021-30556: Use after free in WebAudio.
- CVE-2021-30557: Use after free in TabGroups.
Google said it “is aware that an exploit for CVE-2021-30551 exists in the wild.” However, the tech giant did not share any details regarding the attacks.
In addition, Google also released Chrome 91 (91.0.4472.114) for Android.
- Google fixes Chrome zero-day (CVE-2021-30551) exploited in the wild
- Google releases Chrome security update (91.0.4472.77)
- Chrome security update fixes zero-day (CVE-2021-21224) and 6 other vulnerabilities
- Chrome security update (89.0.4389.90) fixes zero-day exploited in the wild (CVE-2021-21193)
- Microsoft June 2021 Security Updates includes fixes for 6 zero-day vulnerabilities
- Microsoft uncovers NOBELIUM ‘sophisticated email-based attack’