Google Chrome attacks cracked Macs, iPhones, Android, and Windows
Google Chrome 91.0.4472.164 patches the latest in a continuing series of zero-day security flaws. “Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild“, and the update patches additional high-priority security flaws.
Bleeping Computer describes how earlier Chrome zero-days were exploited by Israeli spyware vendor Candiru to infect Macs and iPhones.
Google patches 8th Chrome zero-day exploited in the wild this year
The Google Threat Analysis Group (TAG) has shared additional details earlier this week regarding in-the-wild CVE-2021-21166 and CVE-2021-30551 Chrome zero-days.
“Based on our analysis, we assess that the Chrome and Internet Explorer exploits described here were developed and sold by the same vendor providing surveillance capabilities to customers around the world,” Google said. On Thursday, Microsoft and Citizen Lab linked the vendor mentioned in Google TAG’s report to Israeli spyware vendor Candiru
Threat actors deployed the surveillance vendor’s spyware to infect iOS, Android, macOS, and Windows devices using Chrome zero-days and Windows unpatched flaws. The latest Chrome security fix should be applied immediately, and other Chromium-based browsers, including Brave, Opera, Microsoft Edge, and Chromium itself, should also be updated promptly.
Available for Linux, macOS, and Windows, Chromium is the open-source web browser project on which Google Chrome and other browsers are built, but it doesn’t include Google’s proprietary alterations, including trackingmechanisms.
Additional links:
Chrome Releases
Chrome downloads
Chrome system requirements
Chrome for iOS Brave
Chromium Blog
Chromium Home
ungoogled-chromium |
