Google Chrome, Google’s successful web browser, has been exposed to new vulnerabilities. The new vulnerability is related to a use-after-free bug in the V8 JavaScript and WebAssembly engine, resulting in severe consequences, such as corruption of valid data and the execution of arbitrary codes.
Google is aware
Currently, it’s not known how the flaw is abused in real-world attacks. The company behind Chrome, Google, has stated that they are aware of the exploit. The flaw has been patched with the latest update for Google Chrome.
CVE-2021-4102 is not the first vulnerability in the V8 JavaScript, as the company also issued CVE-2021-37975 less than three months ago. But it is currently unknown if those flaws are somehow related to each other.
Chrome users should update their software to secure their systems. For updating the browser, users can click the 3-dots button at right-top, then follow « Help > About Google Chrome ».
If the browser version shows 96.0.4664.110 in the About Google Chrome section, you are good to go. If not, Chrome should automatically check and apply updates here; wait for the update, then restart the browser.