Social Media

Google warns users of new ‘zero day’ vulnerability in Chrome

Our Bureau Mumbai | Updated on July 21, 2021

The vulnerability CVE-2021-30563 was reported by an anonymous person on July 12

Google has issued yet another urgent update warning for its two billion Chrome users.

The tech giant has warned users of a new zero-day exploit in its popular web browser Chrome with a high level of severity. The vulnerability CVE-2021-30563 was reported by an anonymous person on July 12.

Google has described the vulnerability simply as a “Type Confusion in V8,” which is an open source JavaScript engine in Chrome.

Google tends to not disclose further details about a vulnerability before a majority of users have installed the updates.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed,” Google said in a blog post.

The vulnerability was being exploited in the wild before the tech giant could release its security patch.

“Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild,” it said.

Users have been advised to update the browser to version 91.0.4472.164 for Windows, Mac and Linux which will roll out over the coming days/weeks.

The update contains eight security fixes. CVE-2021-30563 is the eighth zero-day vulnerability found in the tech giant’s web browser in 2021.

Chrome’s popularity has made the browser an active target for hackles one of the most notable being a group of hackers calling themselves PuzzleMaker.

The group has been active in leveraging vulnerabilities in Chrome to install malware on Windows systems. Microsoft last month had issued an urgent security warning for Windows users regarding the issue.

Published on July 21, 2021

Follow us on Telegram, Facebook, Twitter, Instagram, YouTube and Linkedin. You can also download our Android App or IOS App.

  1. Comments will be moderated by The Hindu Business Line editorial team.
  2. Comments that are abusive, personal, incendiary or irrelevant cannot be published.
  3. Please write complete sentences. Do not type comments in all capital letters, or in all lower case letters, or using abbreviated text. (example: u cannot substitute for you, d is not 'the', n is not 'and').
  4. We may remove hyperlinks within comments.
  5. Please use a genuine email ID and provide your name, to avoid rejection.