The vulnerability (CVE-2021-37973) impacts 2 Billion Chrome users worldwide therefore update your browser right now to the latest version.
On Friday 24th, Google rolled out an urgent security update to patch a zero-day vulnerability in its Chrome web browser actively exploited in the wild. Google Threat Analysis Group’s Clément Lecigne reported the flaw.
Update your Chrome browser now
Chrome users must update the browser to the latest version for Windows, Mac, and Linux (94.0.4606.61). To upgrade, head to:
- About Google Chrome
This update arrives just one day after Apple closed an actively exploited security vulnerability (CVE-2021-30869) identified in older versions of iOS and macOS.
About the Zero-Day
The vulnerability is tracked as CVE-2021-37973. It is a Use-After-Free flaw identified in Portals API, which is a web page navigation system that allows a page to display another page as an insert and the previously inset page becomes a top-level document.
Details of how the vulnerability could be exploited haven’t been disclosed as the internet giant just said it is aware that the vulnerability exists in the wild.
Chrome’s 11th Zero-Day
According to the blog post from Google, it is Chrome’s 11th zero-day exploit patched this year. Reportedly, this flaw affects Linux, Windows, and macOS users. A flaw is classified as zero-day if hackers manage to exploit it before the vendor can release a fix, making it dangerous than other security flaws.