Google Chrome: emergency update to patch zero-day vulnerability has been released
Days after the release of Chrome 94 to the Stable channel, comes another update for Google's Chrome web browser. Chrome 94.0.4606.61 is available for the desktop operating systems Linux, Mac and Windows. The update patches a security vulnerability in the client that is exploited actively in the wild.
Chrome users who run desktop versions of the web browser will get the update in the coming days and weeks. Load chrome://settings/help to check the installed version and run a manual check for updates. Chrome will pick up the latest version and install it immediately, which patches the security issues.
CVE-2021-37973 : Use after free in Portals, is rated as high by Google. High is the second highest rating after critical. Google does not reveal additional information about the vulnerability, other than that it is aware that an exploit "exists in the wild". Portals are designed to improve transitions between webpages, and Google hopes that these will replace iframes eventually on the Web.
The patch was not included in this week's main update for the Stable channel of the browser, because it was reported on the day the update was released.
Considering that the issue is exploited actively already, Google advises customers to upgrade their versions of Chrome to the latest patched version as soon as possible.
It is unclear at this point if other browsers that are based on Chromium are also affected by the security issue.
Chrome 94 was released earlier this week. The browser patched 19 different security issues, several of which with the high severity rating. Google launched the controversial Idle Detection API in Chrome 94 which websites may use to detect whether users are idle. Users need to give explicit permission before sites may access the information.
Mozilla and Apple announced earlier that they won't implement the API in Firefox and Safari, because of its abuse potential.
Google's official post about the new release is found on the official Chrome Releases website.
Now You: when do you update your browsers?Advertisement