Google’s browser released a vulnerability which is actively being exploited in the wild.
Chromium CVE-2021-21148: Heap Buffer Overflow
Google released a new chrome update advising users to update immediately which is being actively exploited in the wild.
However, “Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild,” the company said in a statement.
The Zero-day bug CVE-2021-21148, described as a “heap overflow” memory corruption bug in the V8 JavaScript engine.
Follow Us on: Twitter, Instagram, Facebook to get latest security news!
Where this bug was report by Mattias Buelens on 2021-01-24.
After Buelens reported the flaw, Google’s security team published a report about attacks carried out by North Korean hackers.
Google and Microsoft disclosed the attacks, with an elaborate social engineering campaign to install a Windows backdoor against security researchers.
However the attack made — with malicious MHTML files that > when opened > downloads two payloads from a remote server > one of which contained a zero-day against Internet Explorer.
Security Recommendation:
On the other hand, earlier this month Google fixed six flaws including a critical and other high severity flaws.
Regardless of the exact of details about the vulnerability, Google recommended its user to ensure they’re running the latest version of Chrome.
Though the update is automatic, check for the version 88.0.4324.150 > Chrome menu > Help option >About Google Chrome section.
What’s Happening i’m new to this, I stumbled upon this I’ve discovered It absolutely useful and it has aided
me out loads. I hope to contribute & assist different users like its aided me.
Great job.