If you’re a Google Chrome user, you need to be aware of version number 93.0.4577.82, as it fixes a bunch of exploits, including two zero-day vulnerabilities that are being actively exploited in the wild. You need to download this update as soon as possible to make sure your devices are secure.
In the release notes for the latest Chrome version, the company says, “Google is aware that exploits for CVE-2021-30632 and CVE-2021-30633 exist in the wild.”
Today, the update targets two memory bugs that threat actors could use for remote code execution, sandbox escapes, and other malicious behavior that you absolutely don’t want happening to your devices. It also comes with nine other security fixes that are less critical, but still nice to have.
Both vulnerabilities were disclosed to Google on September 8th, 2021, so the company quickly fixed them. Of course, it didn’t publicize the issues until it had a fix, which is standard for these sorts of bugs.
Google mentioned that both issues were being actively exploited in the wild, but the company didn’t get into specifics regarding attacks.
Chrome version 93.0.4577.82 is rolling out now in the Stable channel. If Chrome hasn’t alerted you to update yet, you can go to the menu on the top-right of the corner, mouse over “Help,” and then click “About Google Chrome” to force the browser to check for the update.