The Chrome browser for Windows, Mac, and Linux has been updated to version 90.0.4430.85. Seven security patches are included in the update, including one for a zero-day flaw that was exploited in the wild.
The zero-day – tracked as CVE-2021-21224 – was reported as a “type confusion in V8”.
In the advisory written by Srinivas Sista, Chrome technical program manager, five vulnerabilities were detailed: CVE-2021-21223 integer overflow in Mojo, CVE-2021-21225 out of bounds memory access in V8, CVE-2021-21222 heap buffer overflow in V8, CVE-2021-21224 type confusion in V8, and CVE-2021-21226 use after free in navigation.
To Read More: zdnet
