Google has released a new version of Chrome for Windows, Linux and Mac that addresses four high-severity vulnerabilities in the browser. The most severe of these security flaws, designated CVE-2021-37977, might be used to execute arbitrary code on a target system.
An anonymous researcher discovered the flaw, which was classified as a use-after-free bug in Garbage Collection, last month. Google claims to have paid a US$10,000 reward for the discovery.
Chrome version 94.0.4606.81 is now available for desktop users, and it also fixes two heap buffer overflow vulnerabilities in WebRTC (CVE-2021-37979) and Blink (CVE-2021-37978).
To Read More: Securityweek