Google has pushed out an emergency Chrome update to fix yet another pair of zero days – the second pair this month – that are being exploited in the wild. This hoists this year’s total number of zero days found in the browser up to a dozen. On Thursday evening, the web Goliath released the Chrome 94.0.4606.71 stable channel release for Windows, Mac and Linux to fix the two zero-days, which were included in an update with a total of four security fixes. “Google is aware the exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild,” Google disclosed with the release of the browser fixes. No Details for the Zero Days Just as it did with the pair of zero days that were being exploited in the wild earlier this month, Google is keeping technical details close to the vest, at least until most users have had a chance to plug in the update. The company started pushing out Chrome 94.0.4606.71 to users worldwide in the Stable Desktop channel, and it should be available to all users within coming days. “Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” the company said in Thursday’s security update. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.” Here are details on the two zero-days: CVE-2021-37976 is described as an “information leak in core” and was assigned a Medium severity level. It was discovered by Clément Lecigne from…
https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png 0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2021-09-30 18:38:002021-09-30 18:38:00Google Emergency Update Fixes Two Chrome Zero Days
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email firstname.lastname@example.org