Skip to main content

A zero-day Google Chrome security flaw requires you to update now

Google released an update to its Chrome browser for Windows and Mac users, and the internet giant strongly recommends that users apply the update as soon as possible. The update contains 14 security fixes — including a zero-day security flaw — that if left unchecked would leave the system vulnerable to attacks. Google categorized these fixes as critical, high, and medium importance.

Windows and Mac users who also surf the internet with the Chrome browser will want to make sure that they’re on version 91.0.4472.101. To make sure that you’re on the latest build of Chrome, launch your browser and then click on the three dots stacked vertically at the top right. Navigate to Settings, and then click About Chrome. From there, you’ll be able to view the Chrome version number, and you can update the browser if it wasn’t automatically updated in the background.

Recommended Videos

If you don’t immediately update your browser, Google should be pushing out the update to users in the coming days or weeks, the company stated on its blog.

Please enable Javascript to view this content

One of the security vulnerabilities that was listed — CVE-2021-30551 — is related to a flaw in Windows 10 that Microsoft had recently patched with its newest OS update.

“Chrome in-the-wild vulnerability CVE-2021-30551 patched today was also from the same actor and targeting,” Google Director of Software Engineering Shane Huntley wrote in a Twitter post, referencing that attackers who exploited that vulnerability also took advantage of the vulnerability from CVE-2021-33742. In its release note of the latest Chrome update, Google described the CVE-2021-30551 vulnerability as a “type confusion in V8,” which was reported by Clement Lecigne of Google’s Threat Analysis Group and Sergei Glazunov of Google Project Zero.

The vulnerability was initially discovered on June 4, Google stated, noting that the company “is aware that an exploit for CVE-2021-30551 exists in the wild.” Chrome relies on the JavaScript-based V8 rendering engine for its browser, and the rendering is also common for competing browsers based on the Chromium project, including Microsoft’s Edge.

Even if you’re not on Google Chrome, you’ll want to ensure that you’re running the latest release from the browser of your choice. Most browsers that use Chromium for rendering will also list the Chromium version number, and users should diligently check to see if a patch is available for their browser of choice. If you’re using Microsoft Edge, for example, you’ll want to launch your browser, and navigate to the About page. There, you’ll find the browser version number along with an option to update to the latest version if you’re not on the most current release. Similar procedures can be followed for Opera, Brave, and others that are based on Chromium.

According to Bleeping Computer, this is the sixth zero-day exploit for Chrome in 2021.

Chuong Nguyen
Silicon Valley-based technology reporter and Giants baseball fan who splits his time between Northern California and Southern…
Google has a great idea to fix your tab chaos in Chrome
Google Drive in Chrome on a MacBook.

If you use Google Chrome and are sick of managing an unruly mass of tabs in your web browser, help may soon be at hand. That’s because Google is testing a new feature that could bring order to your tab chaos.

As spotted by Leopeva64 on X (formerly Twitter), a new edition of Google Chrome Canary (a version of Chrome that lets users test out experimental features) contains a new tool called Organize Tabs nestled in the top-left corner of the browser.

Read more
Chrome is making a key change to protect you from phishing
Google Chrome with pinned tabs on a MacBook on a table.

Phishing campaigns -- where a fraudulent website or email is made to look like it comes from a legitimate source -- have caused a huge amount of destruction, leading to untold numbers of virus infections and money lost through scams. Google has just rolled out a powerful way to fight phishing in its Chrome browser, however, and it could help you avoid falling victim.

As part of Chrome’s 15th-anniversary update, Google will be pushing its Enhanced Safe Browsing feature to all users in the coming weeks. This checks website URLs against a list of malicious sites stored on Google’s cloud servers, all in real time. If a match is found, the website is blocked and a warning is displayed to users.

Read more
This Google Chrome feature may save you from malware
Google Chrome app on s8 screen.

There are probably hundreds of thousands of Google Chrome extensions out there, and with so many options to choose from, it can be hard to know whether the plugin you want to install is hiding malware nasties.

That could become a thing of the past, though, as Google is testing a feature that will warn you if an extension you installed has been removed from its Chrome Web Store.

Read more