Security News > 2021 > June > Google fixes sixth Chrome zero-day exploited in the wild this year

Google has released Chrome 91.0.4472.101 for Windows, Mac, and Linux to fix 14 security vulnerabilities, with one zero-day vulnerability exploited in the wild and tracked as CVE-2021-30551.

Google Chrome 91.0.4472.101 has started rolling out worldwide and will become available to all users over the next few days.

Google Chrome will automatically attempt to upgrade the browser the next time you launch the program, but you can perform a manual update by going to Settings > Help > 'About Google Chrome.

In addition to these vulnerabilities, news broke yesterday of a threat actor group known as Puzzlemaker that is chaining together Google Chrome zero-day bugs to escape the browser's sandbox and install malware in Windows.

Microsoft fixed the Windows vulnerabilities yesterday as part of the June 2021 Patch Tuesday, but Kaspersky could not determine what Google Chrome vulnerabilities were used in the Puzzlemaker attacks.

Kaspersky believes the attackers may have been using the Google Chrome CVE-2021-21224 vulnerability but have not ruled out the use of further undisclosed Chrome zero-day vulnerabilities.

News URL

https://www.bleepingcomputer.com/news/security/google-fixes-sixth-chrome-zero-day-exploited-in-the-wild-this-year/