Google Patches Several Under-Attack Chrome Zero-days

10
Google Patches Several Under-Attack Chrome Zero-days

Google has recently announced its Chrome point-update to patch several security vulnerabilities affecting the users of Windows, MacOS, and Linux. It was aware of the reports that these vulnerabilities, CVE-2021-21206, and CVE-2021-21220 are being exploited in the marketplace. 

Certainly, the tech giant’s problems with in-the-wild browser zero-days seem to be multiplying with time. Although, it did not provide any more details on the cyber-attacks or any IOCs to help companies find signs of infection.

One of the bugs has been described as – “insufficient validation of untrusted input in V8 for x86_64”. It was a part of an exploit chain demonstrated at the Pwn2Own marketing contest.

Source: SecurityWeek