Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Warning: Google Chrome users need to update the software immediately
Google's Chrome browser has a number of security flaws that could pave the way for a variety of attacks, including a V8 bug that could allow hackers to remotely attack (RCE) based on a user's browser.
Reported by security expert Gengming Liu from Singular Security Laboratory, the V8 vulnerability (CVE-2021-21227) was assessed to be of high severity.
However, Liu told SecurityWeek that the level was somewhat mitigated because the attacker could not get out of Chrome's sandbox, meaning attackers could not access any programs or data. and any other application on victim's computer.
Therefore, the hacker will need to associate the CVE-2021-21227 vulnerability with another security vulnerability in order to successfully invade the victim's computer.
The researcher also noted that his findings were linked to previous V8 vulnerabilities, which are now patched (CVE-2020-16040 and CVE-2020-15965).
Here are all 9 security vulnerabilities in Chrome browser that have been patched by Google through the latest update.
These vulnerabilities not only affect Chrome, but also on other browsers - like Microsoft Edge - that use the Chromium kernel.
- - CVE-2021-21227: Incomplete data validation vulnerability exists in the V8 component.
- - CVE-2021-21228: Incomplete policy enforcement vulnerability exists in the extensions.
- - CVE-2021-21229: Incorrect-security-UI vulnerability exists in downloads.
- - CVE-2021-21230: The type confusion (wrong type) vulnerability exists in the V8 component.
- - CVE-2021-21231: Insufficient data validation vulnerability exists in V8 component.
- - CVE-2021-21232: A use-after-free vulnerability exists in Development Tools component. This is a type of memory-related vulnerability, causing memory to become corrupted or allowing data to be modified in memory, leaving the user completely stripped of privileges on an affected system or software. .
- - CVE-2021-21233: Heap overflow vulnerability exists in ANGLE component.
Google fixed the flaws in its latest release (90.0.4430.93) for Windows, Mac, and Linux, released Tuesday (April 27, US time).
Chrome users should install the recently released security update to prevent any possible attacks.
Warning: Google Chrome users need to update the software immediately Picture 1
To update your Google Chrome browser, click the menu icon (3 dots) in the upper right corner, then select Help> About Chrome (about Chrome). After the update is complete, click Relaunch to restart the browser.
Chrome Update 90.0.4430.93 is now available for Windows, Mac, and Linux users.
David PacYou should read it
- Google Chrome is now 23% faster, have you tried it?
- Google Chrome temporarily prevents sideload of extensions
- Google Chrome released Chrome 15 beta
- Google released Google Chrome 26
- Put Google as the homepage on Google Chrome
- Fix the Google Chrome sync feature not working
- The latest ways to fix faulty Google Chrome 2022
- Google launched Chrome 33, patched 7 new security bugs
- Top 10 best Google Chrome extensions to avoid distractions when working
- Please download Google Chrome 62 for Windows, Mac and Linux
- How to restore Google Chrome tab on your phone
- Google released Chrome 70 with many new improvements
Web browser
5 new features of Microsoft Edge- Microsoft Edge has added new PDF features to compete with Google Chrome
- How to enable Kids Mode in the Edge browser
- How to turn off Chromecast feature in Google Chrome
- How to earn and use virtual currency with Brave browser
- Top 10 extensions to help increase learning efficiency on Google Chrome
5 new features of Microsoft Edge
Microsoft Edge has added new PDF features to compete with Google Chrome
How to enable Kids Mode in the Edge browser
How to turn off Chromecast feature in Google Chrome
How to earn and use virtual currency with Brave browser
Top 10 extensions to help increase learning efficiency on Google Chrome