Google Chrome update patches this major security issue

News
By published

CVE-2021-21148 is a high severity vulnerability for Google Chrome

Google Chrome
(Image credit: Shutterstpck)

Google has released a new update for its Chrome web browser – and this one contains an important security patch.  The vulnerability, being tracked as CVE-2021-21148, is reportedly already being exploited in the wild.

The tech firm did not go into much detail about the security flaw in order to avoid alerting other threat actors of the vulnerability. Google also withheld information in case third-party applications were suffering from the same flaw but did not have patches ready for deployment.

The search engine giant did reveal, however, that the bug has been given a severity ranking of “high” and was a heap buffer overflow memory corruption bug found affecting the V8 JavaScript engine. The vulnerability was discovered by security researcher Mattias Buelens, underlining the importance of bug discovery programs for maintaining a secure online environment.

The cleanup continues

Although Chrome’s auto-update feature will deliver the newly patched version of the browser (88.0.4324.150) direct to users, sometimes there can be delays if individuals do not restart Chrome or their computer regularly. Given the severity of this particular vulnerability, it’s probably a good idea to make sure that this update is installed pretty soon.

The lack of detail means that it is unclear which exploits Google has identified involving this vulnerability but ZDNet notes that shortly after Buelens reported on the flaw, Microsoft highlighted a cyberattack by North Korean hackers that it believed leveraged a Chrome zero-day. Therefore, some cybersecurity researchers are drawing connections between the two events.

Chrome’s security teams have certainly been busy of late, with plenty of vulnerabilities being discovered. As well as offering patches for other zero-day bugs, Google has also been working hard to remove malicious extensions from its Web Store as they can allow threat actors to infect unsuspecting users with malware.

Via Engadget

Barclay Ballard
Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things. 

Latest in Security
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
Data leak
Hacked Tata Technologies data leaked by ransomware gang
A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.
Thousands of iOS apps found to expose user data and leak Stripe keys
China
Chinese hackers targeting Juniper Networks routers, so patch now
Google Chrome dark mode
Google updates Chrome extension rules to ban affiliate link injection without user action or benefit
Abstract image of robots working in an office environment including creating blueprint of robot arm, making a phone call, and typing on a keyboard
This worrying botnet targets unsecure TP-Link routers - thousands of devices already hacked
Latest in News
The Russo brothers posing for a photograph and Herman carrying a Volkswagen camper van in The Electric State
'We're optimists': AI enthusiasts Joe and Anthony Russo defend its use in movies and TV shows, but admit there are 'very real dangers' around its application
UK Prime Minister Sir Kier Starmer
UK PM says AI should soon replace civil servants
Xbox Copilot in Minecraft
Microsoft confirms Copilot can be tested by Xbox Insiders next month and shares new details about how the AI sidekick will enhance the player experience: 'It has to be about gameplay, it has to be personalized to you'
Eight Samsung TVs mounted to the wall showing different basketball games
Samsung is offering you 8 new TVs in one bundle for March Madness, in case you want to watch all games at once like a Bond villain’s lair
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
The Steam Logo on a mobile phone in front of a wall of games.
Today’s Steam Spring Sale features my absolute favorite game of all time - here's when the sale starts and all the key info
More about security
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.

Microsoft warns about a new phishing campaign impersonating Booking.com
A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.

Thousands of iOS apps found to expose user data and leak Stripe keys
The Russo brothers posing for a photograph and Herman carrying a Volkswagen camper van in The Electric State

'We're optimists': AI enthusiasts Joe and Anthony Russo defend its use in movies and TV shows, but admit there are 'very real dangers' around its application
See more latest
Most Popular
The Russo brothers posing for a photograph and Herman carrying a Volkswagen camper van in The Electric State
'We're optimists': AI enthusiasts Joe and Anthony Russo defend its use in movies and TV shows, but admit there are 'very real dangers' around its application
Xbox Copilot in Minecraft
Microsoft confirms Copilot can be tested by Xbox Insiders next month and shares new details about how the AI sidekick will enhance the player experience: 'It has to be about gameplay, it has to be personalized to you'
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
Dune Awakening screenshot showing the exploration of The O'odham
Latest Dune Awakening trailer provides a deeper look at open-world exploration on the planet Arrakis
close-up of soundbar mesh with Sonos branding
Sonos reportedly cancels its streaming video player, but I hope it resurrects one part of it, because it could be huge
A close-up photo of an iPhone, with the App Store icon prominent in the center of the image.
Thousands of iOS apps found to expose user data and leak Stripe keys
Emily takes a selfie in front of her apartment window in Rome in Emily in Paris
Emily in Paris season 5: everything we know so far about the hit Netflix show’s return
Eight Samsung TVs mounted to the wall showing different basketball games
Samsung is offering you 8 new TVs in one bundle for March Madness, in case you want to watch all games at once like a Bond villain’s lair
UK Prime Minister Sir Kier Starmer
UK PM says AI should soon replace civil servants
Best Google Chromecast Apps
Following recent problems, Chromecasts are getting a free update to Android 14 – here's what that means