Google did, however, acknowledge its existence, stating that the "exploit for CVE-2021-30563 exists in the wild".
However, the company refrained from sharing any details on the issue, as is the case with such zero-day vulnerabilities, so as to prevent its further exploitation. In its recent report highlighting the issues and the security patch, Google states that the flaw was first reported by an anonymous researcher on July 12. It is a type of confusion vulnerability, meaning that it can allow attackers to access data in an unauthorized way, executing malicious code. The critical security lapse has been found with the browser's V8 open-source and JavaScript engine (CVE-2021-30563).
#UPDATE CHROME FOR MAC UPDATE#
The update introduces patches for a total of eight vulnerabilities with the browser, one of which is a zero-day vulnerability, meaning that the security lapse has been discovered but has not yet been patched on all systems. Once the browser restarts, it should be updated to version 1.41.The new update for Chrome is being rolled out for Windows, Mac, and Linux devices. Restart the browser once the update has been downloaded. The “About” page will load and if the update is available, it will automatically start downloading. Windows, Mac, and Linux users can update their Chrome browser by going to the “Help” -> “About” option in your Google Chrome menu.
In the resulting drop-down menu, select the Help > About Google Chrome menu options. In the upper right corner, click on the 'three dots' icon.
#UPDATE CHROME FOR MAC MAC#
#UPDATE CHROME FOR MAC FREE#
CVE-2022-1484: Heap buffer overflow in Web UI Settings.CVE-2022-1483: Heap buffer overflow in WebGPU.CVE-2022-1482: Inappropriate implementation in WebGL.CVE-2022-1481: Use after free in Sharing.CVE-2022-1480: Use after free in Device API.CVE-2022-1479: Use after free in ANGLE.CVE-2022-1478: Use after free in SwiftShader.CVE-2022-1477: Use after free in Vulkan.While not all of the details of the update have been released, it does include fixes for the following 25 issues: High-rated vulnerabilities: In all, more than $80,000 has been confirmed by way of Google bounty payments to the researchers who found these security problems. Of the 30 vulnerabilities, seven are rated high risk while 14 get a medium Common Vulnerabilities and Exposures (CVE) rating. Chrome updates happen in the background automatically keeping you running smoothly and securely with the latest features. However, Chrome users are encouraged to immediately update their browsers to protect against possible future browser-based attacks. Apple’s stable channel update for desktop which takes Google Chrome to version 1.41 for Windows, Mac, and Linux users provides fixes 30 security vulnerabilities.Īs reported by Forbes’ Davey Winder, none of these are zero-days where attackers are known to already be exploiting the vulnerabilities.
0 kommentar(er)
