Attackers can use it to run code on the victim’s computer
Google has released a small but important update for its branded browser. The stable version of Chrome 88.0.4324.150 is available for Windows, macOS, and Linux.
Everyone urgently needs to update: Google has fixed a vulnerability in Chrome that has been actively exploited
It fixes the high-severity vulnerability CVE-2021-21148, which was discovered by cybersecurity specialist Mattias Buelens and reported on January 24. A “hole” in Chrome WebAssembly and the V8 JavaScript engine allows attackers to run executable code on the victim’s computer.
Google does not disclose specific details as the vulnerability is present in third-party libraries that third-party projects depend on. However, it is reported that the vulnerability is actively exploited in real life.
Resource ZDNet managed to link the vulnerability to the campaign carried out by North Korean hackers against the cybersecurity community. Users are advised to update their browsers as soon as possible.
As noted by the developers, Google update 88.0.4324.150 will be distributed to all users in the coming days or weeks.