image credit: Pixabay

Update now! Chrome patches zero-day that was exploited in the wild

February 5, 2021

A Chrome patch has been issued with an advisory stating that the Stable channel has been updated to 88.0.4324.150 for Windows, Mac and Linux. The only noteworthy thing about this update is a patch for a zero-day vulnerability that has been actively exploited in the wild. But that one looks to be extremely important.

Which zero-day got patched?

Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). This zero-day got listed as CVE-2021-21148. From the update announcement for this Chrome patch we can learn that the patch counters a heap buffer overflow in the V8 JavaScript engine, reported by Mattias Buelens on January 24, 2021.

Read More on Malwarebytes