Google patches a major zero-day vulnerability in Chrome

Google has patched a major zero-day vulnerability in its Chrome web browser that was being actively exploited in the wild.

Google said that the latest version of Chrome, that is, version 88.0.4324.150 has been rolled out on Windows, Mac and Linux. This update fixes the bug that has been listed as CVE-2021-21148: Heap buffer overflow in V8 and that it was reported by security researcher Mattias Buelens last month.

The company hasn't shared the exact details of the vulnerability yet but the update is available for all Chrome users to install now.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed,” Srinivas Sista from the company's Chrome Team wrote in a post.

While Google didn't share details of the vulnerability, Android Police quoting a report by ZDNet said that this vulnerability may be linked to a vulnerability that security the company's researchers themselves may have fallen victim to that allowed malware to be run on their systems.

All said and done, Google has rolled out the update on the Chrome web browser. Users are advised to update their web browsers as soon as possible.