Google issues patches for Chrome flaw for Windows, Mac and Linux

Along with a patch for a zero-day bug in the Chrome browser, Google has addressed seven other flaws in its recent update.

Along with a patch for a zero-day bug in the Chrome browser, Google has addressed seven other flaws in its recent update.

Google has announced to release of a security update to addresses inherent flaws in its Chrome browser. The patches will be released for the Chrome version for Windows, Mac, and Linux.

Part of the multiple fixes the company is about to release is a high-severity zero-day that Google claims is being exploited actively in the wild. The tech giant states that the Chrome 91.0.4472.164 security update will be issued in the coming days or weeks while the company learned about the presence of an exploit for the zero-day tracked as CVE-2021-30563 on July 12.

Which Flaws Will be Addressed?

Along with the zero-day bug, Google aims to address seven other flaws, 6 of which are tracked as CVE-2021-30559, CVE-2021-30541, CVE-2021-30560, CVE-2021-30564, CVE-2021-30561, and CVE-2021-30562, while the company didn’t reveal details of the 8th flaw.

The zero-day is a form of confusion issue in the V8 open-source and JavaScript engine. It was reported to Google by an unidentified researcher earlier in July, and the company duly credited him. But, Google hasn’t shared details of the bug. It is the 9th zero-day Google has addressed this year to prevent real-world attacks against Chrome users.

HTTPS-First Mode

To offer a better and securer browsing experience to Chrome users, Google is also planning to offer a new protocol called HTTPS-First Mode to upgrade all Chrome page loads to HTTPS. Therefore, after it is upgraded, you might see a full-page warning notice before loading sites that don’t yet support it.

The new mode will be released on Sep 21st with the M94 version. The company noted in another blog post how the new protocol would offer a safer browsing experience.

“When a browser connects to websites over HTTPS (vs. HTTP), eavesdroppers and attackers on the network can’t intercept or alter the data that’s shared over that connection (including personal information, or even the page itself). This level of privacy and security is vital for the web ecosystem.”

Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.

Total
0
Shares
Related Posts