The most popular web browser google chrome with more than 2 billion users all across the world revealed that a new zero-day exploit (CVE-2020-30563) has been found in chrome after being reported by Sergei Glazunov of Google’s specialist Project Zero security team. Zero-day classification means the vulnerability is out in the wild and actively being exploited.
Chrome technical program manager Srinivas Sista has said, little is known about the vulnerability (CVE-2021-30554) other than it being found in WebGL, a JavaScript API for rendering. It is standard practice for Google to keep zero-day details to a minimum to buy Chrome users more time to upgrade. “Google is aware that an exploit for CVE-2021-30554 exists in the wild”.
This caused Google to issue its second urgent upgrade warning in a week and wants all the users to manually update the browser if the chrome version is not Linux, macOS and Windows is listed as 91.0.4472.114 or above.
It’s High time for google chrome users to stay alert. The security vendor, Kaspersky, also warned that a new group of hackers calling themselves ‘PuzzleMaker’ have been successful in chaining together Chrome zero-day bugs to install malware on Windows systems.