Dangerous vulnerability has been detected in Google Chrome, which is already used by hackers. “Kaspersky” company experts recommend to update the browser up to 88.0.4324.150 version as soon as possible as it closes the vulnerability.
CVE-2021-21148 critical vulnerability exists in all versions of Google Chrome, designed for all major PC operating systems: Windows, MacOS and Linux. This vulnerability helps to carry out a dynamic Heap Overflow attack so that the criminals will be able to execute arbitrary code on the victim's computer as a result.
For the successful exploitation of this vulnerability, it is enough for the criminals to create a special web page, to deceive and bring the victim there. As a result, they can take control of the vulnerable system.
“JavaScript V8 engine, used in the browser, is vulnerable. Google has received the information about the vulnerability on January 24 from researcher Matthias Boulens and has already released an update that closes it on February 4. Unknown hackers are actively using CVE-2021-21148 for attacks," said the company’s experts. They informed that, as always, Google is in no hurry to reveal the details until most of the active Chrome users update their browsers. That is understandable. Otherwise, the number of criminals exploiting this vulnerability may increase.
To protect Google Chrome from CVE-2021-21148.
• You need to update it urgently in all computers. To do this, press the three-dot button in the upper right corner of the browser and go to Settings -> About Chrome. Next, the browser should be updated automatically.
• It is necessary to restart the browser so that the update takes effect, it is better to do it immediately. Do not delay the restart because of the trouble of losing the necessary tabs. Modern versions of Chrome usually restore tabs accurately after restart.
• If Settings -> About Chrome window shows Google Chrome version number 88.0.4324.150, the browser has been updated, and CVE-2021-21148 vulnerability is no longer terrible.
