Security News > 2021 > March > Google fixes second actively exploited Chrome zero-day bug this year
Google has fixed an actively exploited zero-day vulnerability in the Chrome 89.0.4389.72 version released today, March 2nd, 2021, to the Stable desktop channel for Windows, Mac, and Linux users.
"Google is aware of reports that an exploit for CVE-2021-21166 exists in the wild," the Google Chrome 89.0.4389.72 announcement reads.
The Google Chrome web browser will then automatically check for the new update and install it when available.
"Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google added.
Google fixed another Chrome zero-day actively exploited in the wild in February, a heap buffer overflow bug in V8 tracked as CVE-2021-2114 and rated as high severity.
Last year, Google fixed five more actively exploited Chrome zero-days within a single month, between October 20 and November 12.
News URL
Related news
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- Google Chrome is making it easier to share specific parts of long PDFs (source)
- Google to kill Chrome Sync on older Chrome browser versions (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- Google Chrome disables uBlock Origin for some in Manifest v3 rollout (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-09 | CVE-2021-21166 | Race Condition vulnerability in multiple products Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2021-01-20 | CVE-2021-2114 | Unspecified vulnerability in Oracle Common Applications Calendar Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Applications Calendar). | 0.0 |