Notebookcheck Logo

Google releases emergency fixes for high-risk vulnerabilities in Google Chrome

Online Safety in Google Chrome. (Image source: Google)
Online Safety in Google Chrome. (Image source: Google)
The new version of Google Chrome 94.0.4606.71 released on September 30 for Windows, Linux and Mac platforms addressed pressing security flaws including two highly-rated exploits.

Security experts as well as external researchers have detected key bugs and exploits such as “use after free” bugs and information leaks. The “use after free” flaws have been identified as CVE-2021-37974 and CVE-2021-37975 and are both considered high risk as they may cause data corruption.

The CVE-2021-37974 bug affected safe browsing and was noted on September 1 by Weipeng Jiang who is affiliated with Codesafe Team of Legendsec at Qi’anxin Group. Meanwhile, CVE-2021-37975 was found by an anonymous source on September 24; and this bug appeared in the V8 JavaScript engine.

Moreover, CVE-2021-37976 was designated as a medium-level security flaw and was stated to cause an “information leak in core”. This exploit was characterized by the combined efforts of Clement Lecigne at Google TAG, who was supported by Sergie Galzunov and Mark Brand based at Google Project Zero on September 21.

Google has decided to limit access to the details of these exploits since third party related software and projects may not have been updated with the security fixes. Additionally, these restrictions may be maintained until most users update their Chrome browsers with these fixes.

Buy the ASUS Chromebook Flip C434 2-In-1 Laptop on Amazon

static version load dynamic
Loading Comments
Comment on this article
Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > News Archive > Newsarchive 2021 10 > Google releases emergency fixes for high-risk vulnerabilities in Google Chrome
Aleem Ali, 2021-10- 3 (Update: 2021-10- 6)