Google Chrome Releases Two Zero Day Patches

Google has released an emergency update Chrome 94.0.4606.71 that fixes two zero-day vulnerabilities being exploited in the wild. These are the second and third zero-day vulnerabilities found this year. A total of twelve zero-days have been found in the browser since January. The new version will be released on all three platforms, Windows, Mac, Linux, to fix these issues.
 

Google stated the following:

“Google is aware the exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild,”
 
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” the company said in Thursday’s security update. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”
 
 

Here are details on the two zero-days:

  • CVE-2021-37976 Google Project Zero found a bug in a critical component of Chrome. The bug was rated as a Medium severity issue and was assigned a CVE designation. Google TAG researcher Clément Lecigne reported the bug on September 21, 2016. He received assistance from Sergei Glazunov and Mark Brand from Google Project Zero.
  • CVE-2021-37975 An anonymous contributor reported a bug in V8, Google’s open-source, high-performance JavaScript engine. The bug was rated one of two high-severity flaws in Google’s Sept. 26 update. V8 translates JavaScript code into machine code instead of using an interpreter. On Sunday, the bug was reported by an anonymous contributor. It is one of two flaws in Google’s Sept. 26 update (the other rated high-severity).

 

Update Google Chrome

Google has a task schedule that should auto update your google chrome but for some may not be so lucky. Either you can download Google Chrome from their website or run Patch My PC this will also patch other 3rd party software you may have on your computer.
 
If your a MSP using Kaseya I have a Patch MY PC Script that you can deploy to all your systems that can be scheduled to run on a weekly basis.

I hope this article was helpful, if you have any questions please feel free to contact me. If you would like to be notified of when I create a new post you can subscribe to my blog alert.


Discover more from Patrick Domingues

Subscribe to get the latest posts sent to your email.

author avatar
Patrick Domingues

Leave a Comment

Stay Informed

Receive instant notifications when new content is released.