Google closes zero-day leak in Chrome that is actively being exploited

Google has updated its Chrome browser with patches for eight vulnerabilities, including a serious zero-day vulnerability that is actively being exploited by criminals. The vulnerability is in the JavaScript engine.

Google has updated Chrome to version 91.0.4472.164 to fix the vulnerabilities. It concerns the browser for Windows, Mac and Linux, which is automatically updated after a restart of the browser.

It concerns eight vulnerabilities, of which the severity of seven are labeled as high and that of the remaining as medium. Three concern the V8 engine for rendering JavaScript and WebAssembly and the most serious is the July 12 discovered CVE-2021-30563, as it is actively exploited by Google, according to Google.

It concerns a Type Confusion vulnerability, but the company has not yet provided more details. However, Sergei Glazunov of Google Project Zero also discovered a Type Confusion vulnerability in Chrome a month earlier, which is a different leak. Google will reveal more details once a majority of users have updated their browsers, the company promises .