Yesterday, June 9, developers from Google released another update with index 91.0.4472.101 for the Chrome browser on Windows, macOS, and Linux platforms. This update fixed fourteen vulnerabilities, including the 0-day vulnerability CVE-2021-30551, which cybercriminals have already used to carry out their attacks. It is worth noting that the developers do not specify exactly how the vulnerability worked and what method was used to close it – it is only known that the culprit is the open-source V8 engine for JavaScript. A specialist from Google Project Zero discovered the problem.

Moreover, the new version of the browser has fixed the second dangerous vulnerability, CVE-2021-30544, which was caused by accessing memory after it was cleared in the transition cache. This memory is used when using the “Forward” and “Back” buttons to navigate through the pages of a particular site that have already been viewed. Initially, this vulnerability was assigned a critical severity level since by accessing this section of memory, it is possible to bypass absolutely all levels of browser protection by executing the code required by the attackers.

YOU CAN ALSO READ:   OnePlus showed an analog of AirPods Pro with a two-tone design and for $150

And although not yet half of this year has passed, for developers from Google, this is already the sixth zero-day vulnerability quickly fixed. Accordingly, in order not to be a potential target for attackers aware of the current vulnerabilities, it is better to use the latest version of the browser, where all known holes have already been closed.

Write A Comment