According to a blog post by Mattias Buelens, a digital security researcher, he discovered a major flaw in Chrome 88, namely the JavaScript V8 engine. Matthias reported his find to Google on January 24, and the company accepted the request for processing. With its help, attackers can run malicious code on victims’ computers. Unfortunately, the CVE-2021-21148 vulnerability is still exploited by some hackers, so it is recommended not to wait for the automatic download of the update but to install it manually in the “About browser” section. The same applies to other web browsers on the Chrome engine. The ZDNet portal notes that North Korean hackers used CVE-2021-21148 to steal data. They created some forums to which users were lured through spam.

Google itself has not yet disclosed details about this vulnerability, as it is waiting for most of the users to receive the update. Otherwise, attackers who receive the details about this will be able to exploit the hole.