Google is releasing a patch for a high severity zero-day vulnerability in Chrome that is being exploited in the wild by attackers. The vulnerability, tracked as CVE-2021-21148, is a heap buffer overflow bug in V8, which is Google’s open source WebAssembly and JavaScript engine. The bug was fixed in the new version of Chrome that was released on February 4th, to the stable desktop channel for Windows, Mac, and Linux users. This version of Chrome, 88.4323.150, is being rolled out to the entire userbase within the next few days. Google did not release any details about the attacks being seen exploiting this vulnerability.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security