Users are advised to update their web browser to the latest version after Google confirmed a critical security risk with Chrome. As a result of the active exploitation of the security loophole by hackers, it was marked as critical.
New blog posts from Google acknowledge the vulnerability and bring the Chrome update to mitigate it. As outlined in the blog, CVE-2021-37973 impacts Linux, Mac, and Windows users of Chrome. Microsoft has rolled out the Chrome stable channel 94.0.4606.61 for Windows, Macs, and Linux to protect customers from exploiting this risk.
What is a zero-day vulnerability?
Zero-day vulnerabilities have been identified as a security risk. Google managed to find and fix the problem through the update only after it had been actively attacked by hackers. “an exploit for CVE-2021-37973 exists in the wild.” Google wrote in the blog. Such vulnerabilities are more dangerous than regular security loopholes since hackers typically have a head start on security researchers and have already exploited them.
In order to prevent further exploitation of the security hole, Google has not yet provided any more information about the flaw. Once more people upgrade to Chrome’s latest version, more details are likely to become available as the flaw is no longer affecting Chrome users.
This is a Use-After-Free (UAF) vulnerability according to Google’s blog post. When dynamic memory is incorrectly used during program execution, such loopholes may exist. According to a note by Kaspersky, an attacker can exploit an error that occurs after a program frees a memory location if it fails to clear its pointer to that memory.
Related Post – Why Cyber Security is Important for Your Online Business
Chrome browser needs to be updated to the latest version according to Google
Chrome users have been urged to update their browsers to take advantage of the new security fix for the vulnerability. Checking the current version of Chrome can be found in Settings > Help > About Google Chrome.
If Chrome version 94.0.4606.61 or higher is installed, the security fix is in place and functioning. A browser below that indicates it has not yet been updated.
Until the update is available on their browser, users are advised to keep checking for it. If the update is available, install it and restart Chrome to apply the security fix.