Google released today on Wednesday version 90.0.4430.85 of the browser Chrome for all supported Windows, Mac and Linux desktops.
The release contains seven security fixes, including a zero-day vulnerability that usesalready by malicious users.
The zero-day vulnerability, which has the ID CVE-2021-21224, was described as "type confusion in V8".
The Chrome Srinivas Sista Technical Administrator reports and analyzes five vulnerabilities: CVE-2021-21222 heap buffer overflow in V8, CVE-2021-21223 integer overflow in Mojo, CVE-2021-21225 out of bounds memory access in V8, CVE-2021-21226 use after free in navigation, and CVE-2021-21224 type confusion in V8.
"Google knows they are already on the market exploits for CVE-2021-21224 ", he states.
Srinivas Sista thanked five researchers for their contribution and added that his own department was responsible for a wide range of corrections.