|CVE-2021-4102||Google Patched Zero-days in Chrome said to be Exploited in the Wild||Google Chrome||Critical||16-12-2021|
Google had patched 5 vulnerabilities in Google Chrome, one of which CVE-2021-4102, is said to have been exploited in the wild. Exploitation of CVE-2021-4102 can result in corruption of valid data or even remote code execution on the victim’s device. These vulnerabilities have been patched on Windows, Mac and Linux platforms.
CVE-2021-4102: Use after free in V8 – Severity High [Exploited in Wild]
CVE-2021-4101: Heap buffer overflow in Swiftshader – Severity High
CVE-2021-4100: Object lifecycle issue in ANGLE – Severity High
CVE-2021-4099: Use after free in Swiftshader – Severity High
CVE-2021-4098: Insufficient data validation in Mojo – Severity Critical
Since Microsoft Edge is Chromium-based, those browser versions too might be vulnerable.
K7 Computing advises all its customers to update Google Chrome and Microsoft Edge browsers to the latest versions.
To update Chrome:
1. In Chrome browser, click on 3 dots on right-hand side of window
2. Go to Help -> About Google Chrome
3. If update is available, the browser will display a message that its checking for updates
To update Edge:
1. In Microsoft Edge browser, click on the 3 dots (…) on the very right-hand side of the window
2. Go to Help and Feedback -> About Microsoft Edge
3. If update is available, browser will display a message that its checking for updates