Google recently released the new version of Chrome web browser (Chrome version 91.0.4472.101) for major platforms like Windows, macOS, and Linux.
In this new version, Google fixed a total of 14 vulnerabilities, including a zero-day vulnerability that is exploited in real-world attacks.
According to experts, the zero-day vulnerability was tracked as CVE-2021-30551 and was used in attacks by the same group that exploited the CVE-2021-33742 vulnerability in Windows, however, it was already fixed by Microsoft as part of the June Patch Tuesday.
On June 8, “Kaspersky Lab” has published a report on the activities of PuzzleMaker groups, using the vulnerability in Windows zero-day (CVE-2021-31955 and CVE-2021-31956), along with a chain of vulnerabilities in Chrome in the attacks on the company worldwide, but, CVE-2021-31955 and CVE-2021-31956 are also fixed by the manufacturer.
In addition to CVE-2021-30551, Google has also eliminated a number of dangerous vulnerabilities in various browser components like:-
- Other services
Moreover, this is the sixth zero-day vulnerability patched by Google this year, while other five vulnerabilities that are fixed by the company earlier this year are mentioned below:-
- CVE-2021-21148 (Fixed in February)
- CVE-2021-21166 (Fixed in March)
- CVE-2021-21193 (Fixed in March)
- CVE-2021-21220 (Fixed in April)
- CVE-2021-21224 (Fixed in April)
However, to stay protected and avoid such vulnerabilities, the security experts have strongly recommended users to immediately update their browser with the latest security patch released by Google.