Update Google Chrome now to fix these two serious security bugs

Google has fixed a total 13 zero-days in Chrome this year

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Googlehas once again pushed out an update for itsChrome web browserthat patches a couple of zero-day vulnerabilities that have publicly available exploits.

The two zero-days, tracked as CVE-2021-37975, and CVE-2021-37976 are in fact part of a total of four security issues addressed in Chrome 94.0.4606.71, three of which were discovered by external security researchers.

“Google is aware the exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild,”notethe Chrome developer team.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

The search giant added that Chrome 94.0.4606.71 has begun rolling out to users tuned into the browser’s Stable Desktop channel.

Not naught

Not naught

Reporting on the release,BleepingComputernotes that the two fixes in this release bring thetotal number of zero-daysfixed in Chrome this year alone, up to thirteen.

In the announcement, Google shared that CVE-2021-37975 is a high-severity use after free bug in Chrome’s V8 JavaScript engine, and that CVE-2021-37976 causes an information leak in core and is treated as a medium severity bug.

While Google has acknowledged the availability of exploits for these two vulnerabilities, it hasn’t shared any details on the exact exploitation mechanism.

Are you a pro? Subscribe to our newsletter

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

However,BleepingComputeropines that use after free vulnerabilities are usually used to escape the browser’s security sandbox, and even perform remote code execution attacks.

In any case, all Chrome users are advised to install the updated release as and when it becomes available.

ViaBleepingComputer

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

7 myths about email security everyone should stop believing

Best Usenet client of 2024

Your doctor may have an AI assistant taking notes during your next Zoom call