Google push emergency Chrome update to patch two actively exploited Zero-day vulnerabilities

Home » Browsers

Reading time icon 1 min. read

Calendar icon Published on

by Surur Davids 

published on

Share this article

Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Google has patched its 15th zero-day vulnerability for Chrome, with the out of band release of Chrome 95.0.4638.69 for Windows, Mac, and Linux.

The release patches two zero-day vulnerabilities which are being actively exploited in the wild.

“Google is aware that exploits for CVE-2021-38000 and CVE-2021-38003 exist in the wild,” Google disclosed in the list of security fixes in today’s Google Chrome release.

CVE-2021-38000 is due to “Insufficient validation of untrusted input in Intents” and was assigned a High severity level.

CVE-2021-38003, is a High severity “Inappropriate implementation” bug in the Chrome V8 JavaScript engine.

Google did not say how the vulnerabilities are being exploited.

Besides the two actively exploited zero-day vulnerabilities, there are 5 other vulnerabilities fixed with the update.

As the bugs are being actively exploited Chrome users are urged not to delay installing the update, most easily achieved by simply restarting your browser.

via BleepingComputer.

Surur Davids

Surur Davids Shield

Smartphone Expert

Surur Davids is the founder of WMPoweruser which later became MSPoweruser.com. He's a smartphone expert with over a decade of experience.

Leave a Reply

Your email address will not be published. Required fields are marked *