Google has released an update to patch a zero-day vulnerability in Chrome 89. And it is a must-install one as it is open to any exploit. Google’s web browser surpassed 70% market share in 2020 and it is still the most popular browser worldwide.
Google admits zero-day vulnerability in Chrome 89
Labeled CVE-2021-21166, it is one of two security bugs reported last month by researchers at Microsoft Browser Vulnerability Research. It affects the handling of an audio component and is of critical severity.
Google acknowledged the existence of an exploit affecting this vulnerability but stopped short of sharing further details to allow users to install fixes and thereby prevent other cybercriminals from creating malware exploiting the flaw.
The update arrived last night with Chrome version 89.0.4389.72 and in addition to fixing the zero-day, it includes patches for 46 other security issues of varying severity. The new version is available for Windows, Mac and Linux systems.
It can be installed by downloading the new version from the Chrome website or updating existing versions by accessing the Settings tool (three dots) > Help > Google Chrome Info Installation is automatic and only requires restarting the browser to work with the latest version.
Google offers great security support and resolves them in a limited period of time. These types of vulnerabilities are critical, are actively exploited, and can affect hundreds of millions of machines considering that web browsers are surely the most used application on a personal computer.
In addition to security, the latest stable version of Chrome 89 has brought other new features such as Tab Search tab management, a new reading list, and the incorporation of Web HID and Web NFC technologies that will improve the use of progressive applications with the browser.