Another Google Chrome 0-Day Bug Found Actively Exploited In-the-Wild
2021-03-15 21:51

Google has addressed yet another actively exploited zero-day in the Chrome browser, marking the second such fix released by the company within a month.

While the update contains a total of five security fixes, the most important flaw rectified by Google concerns a use-after-free vulnerability in its Blink rendering engine.

As is usually the case with actively exploited flaws, Google issued a terse statement acknowledging that an exploit for CVE-2021-21193 existed, but refrained from sharing additional information until a majority of users have updated with the fixes, so as to prevent other threat actors from creating exploits targeting this zero-day.

"Google is aware of reports that an exploit for CVE-2021-21193 exists in the wild," Chrome Technical Program Manager Prudhvikumar Bommana noted in a blog post.

With this update, Google has fixed three zero-day flaws in Chrome since the start of the year.

Chrome users can update to the latest version by heading to Settings > Help > About Google Chrome to mitigate the risk associated with the flaw.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/lFwTxY4JQgo/another-google-chrome-0-day-bug-found.html

Related Vulnerability

Date: 2021-03-16
CVE: CVE-2021-21193
Vulnerability title: Use After Free vulnerability in multiple products
Description: Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Attack vector: network
Attack complexity: low
Vendors: google, fedoraproject, debian
Weakness: CWE-416
Risk: 8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 141 996 4899 2857 1622 10374