At some point in the future, we’ll go a week without having to warn you about another zero-day exploit, but this is not that week. Google rolled out an update for the Chrome browser on desktop this Thursday that features four security fixes, including one for an exploit discovered earlier this week that has been found in the wild. Hackers are actively exploiting this security flaw, and that means you should update your browser now to keep your data safe.
Chrome’s technical program manager Srinivas Sista revealed the four fixes in a blog post:
-
CVE-2021-30554: Use after free in WebGL. Reported by anonymous on 2021-06-15
-
CVE-2021-30555: Use after free in Sharing. Reported by David Erceg on 2021-06-01
-
CVE-2021-30556: Use after free in WebAudio. Reported by Yangkang (@dnpushme) of 360 ATA on 2021-05-24
-
CVE-2021-30557: Use after free in TabGroups. Reported by David Erceg on 2021-04-23
As noted by The Hacker News, this is the eighth zero-day Chrome exploit that Google has patched in 2021. That number is undoubtedly higher than Google would like, but their team is clearly addressing the issues quickly. The key is for all of us to do our part and install the updates as soon as they roll out so that hackers don’t have an opportunity to take advantage of the flaws.
“I’m happy we are getting better at detecting these exploits and the great partnerships we have to get the vulnerabilities patched, but I remain concerned about how many are being discovered on an ongoing basis and the role of commercial providers,” tweeted Shane Huntley, a member of Google’s Threat Analysis Group, earlier this month after another zero-day was patched.
Chrome doesn’t always apply the latest updates when you open the browser, so if you want to check and see which version you are running, go to Settings and then click About Chrome at the bottom of the menu bar on the left side of the screen. If you’re already running the latest version of the browser, you’re good to go, but otherwise, you should begin the process of updating as soon as possible. Once it’s downloaded, click the Relaunch button to finish updating.