If you use Chrome for Mac, you should be sure it will be updated today: Google just fixed a vulnerability that was actively exploited by North Korean hackers.

Google characterizes it as a high risk bug.

This update contains 1 security update. Please see the Chrome security page for more information.

[$TBD][1170176] High CVE-2021-21148: Heap buffer overflow in V8. Reported by Mattias Buelens on January 24th, 2021

Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild.

CNET Background reports that security researchers were considered one of the targets.

The zero-day, which was assigned the ID CVE-2021-21148, was described in the V8 JavaScript engine as a “Heap Overflow” memory corruption error.

Google said the flaw had been exploited in attacks in the wild before a security researcher named Mattias Buelens reported the problem to his engineers on Jan. 24.

Two days after Buelens’ report, the Google security team released a report …



Source link

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.