Google Chrome: emergency update to patch zero-day vulnerability has been released

Days after the release of Chrome 94 to the Stable channel, comes another update for Google’s Chrome web browser. Chrome 94.0.4606.61 is available for the desktop operating systems Linux, Mac and Windows. The update patches a security vulnerability in the client that is exploited actively in the wild.

Chrome users who run desktop versions of the web browser will get the update in the coming days and weeks. Load chrome://settings/help to check the installed version and run a manual check for updates. Chrome will pick up the latest version and install it immediately, which patches the security issues.

google chrome 94.0.4606.61 security patch

CVE-2021-37973 : Use after free in Portals, is rated as high by Google. High is the second highest rating after critical. Google does not reveal additional information about the vulnerability, other than that it is aware that an exploit “exists in the wild”. Portals are designed to improve transitions between webpages, and Google hopes that these will replace iframes eventually on the Web.

ADVERTISEMENT

The patch was not included in this week’s main update for the Stable channel of the browser, because it was reported on the day the update was released.

Considering that the issue is exploited actively already, Google advises customers to upgrade their versions of Chrome to the latest patched version as soon as possible.

It is unclear at this point if other browsers that are based on Chromium are also affected by the security issue.

Chrome 94 was released earlier this week. The browser patched 19 different security issues, several of which with the high severity rating. Google launched the controversial Idle Detection API in Chrome 94 which websites may use to detect whether users are idle. Users need to give explicit permission before sites may access the information.

Mozilla and Apple announced earlier that they won’t implement the API in Firefox and Safari, because of its abuse potential.

Google’s official post about the new release is found on the official Chrome Releases website.

Now You: when do you update your browsers?

Summary

Google Chrome: emergency update to patch zero-day vulnerability has been released

Article Name

Google Chrome: emergency update to patch zero-day vulnerability has been released

Description

Google released a security update for its Chrome web browser, which patches a new zero-day vulnerability in the browser that is exploited in the wild.

Author

Martin Brinkmann

Publisher

Ghacks Technology News

Logo

Advertisement

Comments

Post a Comment

Popular posts from this blog

Xbox Insiders app displays a rating to indicate how games will perform on your computer

Image
Can you run it? Gamers may recognize the phrase, it is the tag line of a popular benchmarking service that determines whether your computer can run a game or not. It’s actually a pretty terrible way to judge the performance of your system, but things like these have a cult/meme status. Now, if you are curious whether your PC can handle a game, there is a way you can get an idea. The Xbox app now displays a rating to indicate how the games will perform on your computer. I tried this on a Windows 10 machine with the regular Xbox app, it does not have the rating system. You will need to be using the Xbox Insiders app on your system to get the new feature. The Xbox app has been getting new features steadily, Microsoft recently added an option in the app that allows you to install games to any folder. ADVERTISEMENT Xbox Insiders app displays a rating to indicate how games will perform on your computer Search for a game, and visit its listing page. You will see a banner that displays
Read more

Latest Ventoy includes VentoyPlugson, a GUI configuration tool

Image
Ventoy 1.0.62, the latest version of the popular open source tool to create bootable USB devices using disk images such as ISO, includes a new tool called VentoyPlugson. VentoyPlugson gives Ventoy users a graphical user interface to configure the tool. Up until now, Ventoy users could only configure the application through the ventoy.json file directly; this option is not going away, and users can even mix and match both options, e.g. by using VentoyPlugson to create a ventoy.json file and then editing the file manually to tweak it further, The latest release version of Ventoy includes the tool in the zip archive. Windows users need to extract the archive that they download from the official repository and run VentoyPlugson.exe afterwards. ADVERTISEMENT It displays a small GUI. Select the Ventoy USB device and then the Start button; this should open the configuration page in the default browser. If that does not work, use the Link button instead. There is also a refresh button i
Read more

Progressive Web Apps for Firefox Extension

Image
Progressive Web Apps for Firefox is a browser extension for Mozilla’s Firefox web browser and a command line utility to install, manage and use Progressive Web Apps (PWAs) in Firefox. Mozilla’s Firefox web browser supports many of the APIs that PWAs use, but Mozilla decided some time ago to remove installation options from Firefox. Most Chromium-based browsers support installing PWAs directly from within. Installation on desktop systems adds these applications to the Start Menu for quick access, and these apps launch in their own dedicated window. Progressive Web Apps for Firefox introduces a number of features to Firefox that users of the browser may find useful. Some functionality may even be useful to users who don’t use PWAs. ADVERTISEMENT PWAs that are installed in Firefox through the extension benefit from a number of extra features. One of the most interesting features of the extension is that PWAs are run in an isolated Firefox extension that may use multiple profiles to s
Read more