Picture of Kaspersky

Chrome 95.0.4638.69 (2 zero-day) update immediately

Google has released Chrome 95.0.4638.69 for Windows, Mac and Linux to fix two zero-day vulnerabilities already being used by intruders.

"Google is aware that expoits for CVE-2021-38000 and CVE-2021-38003 are already available," Google revealed in the list of security patches in today's version of Google Chrome.

google chrome zeroday
Picture of Kaspersky

But we know that a new version may take a while to reach everyone. So it is a good idea to update manually from the Stable Desktop channel.

To install the Chrome update right away, you need to go to Chrome menu> Help> About Google Chrome and the browser will start updating.

Zero-days of course were not revealed

This version of Chrome fixes a total of seven vulnerabilities, two of which are 0day already in use by malicious users.

The first 0day (CVE-2021-38000) is described as "Insufficient validation of an unreliable Intent import" and has been described as highly serious. This vulnerability was discovered by Google Threat Analysis Group's Clement Lecigne, Neel Mehta and Maddie Stone on September 15, 2021.

The second 0day, (CVE-2021-38003), is a "Serious Implementation" error again in the Chrome V8 JavaScript engine. This vulnerability was also discovered by Lecigne and reported on October 24.

At this time, Google has not provided further details for obvious reasons. However, as the new version is released we will learn more in future posts from the Google TAG blogs or Project Zero.

With these fixes, Google has closed 15 zero-days of Chrome since the beginning of 2021.

The other 13 zero-days corrected this year are listed below:

CVE-2021-21148 - 4 February 2021
CVE-2021-21166 - March 2, 2021
CVE-2021-21193 - March 12, 2021
CVE-2021-21220 - April 13, 2021
CVE-2021-21224 - 20 April 2021
CVE-2021-30551 - 9 June 2021
CVE-2021-30554 - 17 June 2021
CVE-2021-30563 - 15 July 2021
CVE-2021-30632 and CVE-2021-30633 - 13 September
CVE-2021-37973 - 24 September 2021
CVE-2021-37976 and CVE-2021-37975 - September 30, 2021

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















google, chrome, chrome zero day, 0day, iguru

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).