Skip to main content
Patch Management

Google Fixes Exploited Chrome Zero-Day Flaw

By April 21, 2021June 22nd, 2022No Comments

Google Fixes Exploited Chrome Zero-Day Flaw

A new Chrome zero-day vulnerability is being exploited due to a type confusion error within the V8 browser engine.

[vc_single_image image=”185826″ img_size=”full”]

Google Warns of Newly Exploited Zero-Day Flaw

Google has released Chrome_v90.0.4430.85 today to the Stable Channel and is impacting Windows, Linux and Mac OS, fixing a total of 7 vulnerabilities. This year, Google has released at least one zero-day version of Chrome each month.

The vulnerability exists due to a type confusion error within the V8 browser engine in Google Chrome. A remote attacker can create a specially crafted web page, trick the victim into visiting it, trigger a type confusion error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

How to Resolve the Chrome Zero-Day

Upgrade to the latest version of Chrome or later using Syxsense Secure.

Syxscore Risk Alert

This vulnerability has a significant risk as this can be exposed over any network, with low complexity and without privileges.  The CVE carries a CVSS score of 8.8 (High Severity)  the vulnerability is being weaponized.

  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: Required
  • Scope (Jump Point): No
[vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]
[vc_single_image image=”206631″ img_size=”full”]

Start a Free Trial of Syxsense

Experience the power of Syxsense for free. Our intuitive technology helps you easily predict and remove security threats.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” link=”|||” css=”.vc_custom_1619044675871{margin-top: 15px !important;}”]

Leave a Reply