Google has released Chrome 95 security update (95.0.4638.54) for Windows, Mac and Linux with fixes for multiple vulnerabilities.
An attacker could exploit these vulnerabilities to take control of impacted systems.
The Chrome security update patched 19 vulnerabilities in all, to include the following 5 High severity vulnerabilities, each discovered by external researchers:
- CVE-2021-37981: Heap buffer overflow in Skia.
- CVE-2021-37982: Use after free in Incognito.
- CVE-2021-37983: Use after free in Dev Tools.
- CVE-2021-37984: Heap buffer overflow in PDFium.
- CVE-2021-37985: Use after free in V8.
In addition, none of these vulnerabilities had known exploits in the wild as noted in this Chrome advisory.
- Microsoft October 2021 Security Updates includes fixes for 4 zero-days, 1 actively exploited
- Google releases Chrome 94 security update (94.0.4606.81) with fixes for 4 High risk vulnerabilities
- Google patches 2 Chrome 94 zero-day vulnerabilities exploited in the wild
- Google Chrome 94 security update fixes zero-day vulnerability (CVE-2021-37973) under attack