Actively exploited Chrome zero-day liability patched by Google

Actively exploited Chrome zero-day liability patched by Google

Google announced the launch of version 88.0.4324.150, of the Chrome browser for Linux, Mac, and Windows. The recent release has only one bugfix for a zero-day liability that was manipulated in the wild. The zero-day vulnerability was tagged as CVE-2021-21148 and has been described as a “heap overflow” memory corruption bug present in the V8 JavaScript engine.

The bug was exploited in attacks before Mattias Buelens, a security researcher, reported the problem to the engineers at Google on 24th January. After the report, the organization published a report regarding the attacks launched by North Korean hackers on the cybersecurity community.

Source: zdnet