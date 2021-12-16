Google recognized the existence of a severe zero-day vulnerability of its Chrome browser, confirming that this weakness has already been exploited – although it has not been disclosed, exactly, how and to what extent. The Mountain View giant, however, together with the news of the problem also provided the solution, releasing the version 96.0.4664.110 Chrome for Windows, Mac and Linux on the stable channel: so if you haven’t already, update Chrome as soon as possible to take cover.

Returning to the problem recognized by Google, namely the CVE-2021-4102 vulnerability, we know that it is a use-after-free error which occurs in the Chrome 8 JavaScript engine. More specifically, this error concerns a pointer that refers to memory even after it is emptied.

The update, which as mentioned covers the flaw, contains five security-related fixes. Below you will find those provided by external researchers, which Google has chosen to underline (for more information you can consult the link in SOURCE).