Google Chrome users have been instructed to download and update their software with emergency patches that fix potentially dangerous security vulnerabilities. The company has released Chrome 96.0.4664.110 for Windows, Mac, and Linux to fix a high-severity zero-day vulnerability in its web browser that appears to have already been exploited. “Google is aware of reports that an exploit for CVE-2021-4102 exists in the wild,” the company said in a security advisory. “We’d also like to thank all the security researchers who worked with us throughout the development cycle to prevent security bugs from reaching the stable channel.”
This latter threat, CVE-2021-4098, was discovered by Google Project Zero researcher Sergei Glazunov and affects poor data validation in Mojo, a collection of runtime libraries that manage Chrome’s interprocess communication system. Updates can be installed by restarting the browser the news comes on the heels of Google announcing that it has reconfigured its privacy and security settings in its latest Chrome beta, streamlining the ability for websites to delete data held by them. The company claims that the move will give web browser users more control over website storage settings, giving them a better understanding and control over their privacy on the web.