Skip to main content
Patch Management

Google Fixes Exploited Chrome Zero-Day Flaw

By April 21, 2021November 10th, 2022No Comments
||

Google Fixes Exploited Chrome Zero-Day Flaw

A new Chrome zero-day vulnerability is being exploited due to a type confusion error within the V8 browser engine.

Google Warns of Newly Exploited Zero-Day Flaw

Google has released Chrome_v90.0.4430.85 today to the Stable Channel and is impacting Windows, Linux and Mac OS, fixing a total of 7 vulnerabilities. This year, Google has released at least one zero-day version of Chrome each month.

The vulnerability exists due to a type confusion error within the V8 browser engine in Google Chrome. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger a type confusion error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

How to Resolve the Chrome Zero-Day

Upgrade to the latest version of Chrome or later using Syxsense Secure.

Syxscore Risk Alert

This vulnerability has a significant risk as this can be exposed over any network, with low complexity and without privileges.  The CVE carries a CVSS score of 8.8 (High Severity)  the vulnerability is being weaponized.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): No

Start a Free Trial of Syxsense

Experience the power of Syxsense for free. Our intuitive technology helps you easily predict and remove security threats.

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Leave a Reply