Site icon The Cybersecurity Daily News

Chrome 91 Updates Addresses 32 Vulnerabilities

Chrome 91

CyberDaily: Cybersecurity news-

Google on May 25th announced the release of Chrome 91 to the stable channel. The latest update patches a total of 32 vulnerabilities.

Chrome 91 security vulnerabilities:

Google has newly announced the release of Chrome 91 in which the newest update patches a total of 32 security vulnerabilities.

Amongst the security holes that were deployed a patch for, in the latest Chrome 91 update, 21 of these vulnerabilities detected by external researchers were comprised of 8 high-severity vulnerabilities, 8 medium-severity ones, and 5 low-severity security vulnerabilities.

Also read,

One of the high-severity vulnerabilities, vulnerability tracked as CVE-2021-30521 is one of the most noteworthy ones.

CVE-2021-30521 is a heap buffer flaw in Autofill, a vulnerability for which Google rewarded a sum of $20,000 to the security researcher who reproed it.

Amongst the 8 medium-severity bugs addressed in the Chrome update, four of these vulnerabilities are inadequate policy enforcements.

The remaining four are out-of-bounds memory access, insufficient data validation, double-free, and use-after-free security holes.

The Chrome update also addresses low-severity bugs that include out-of-bounds read, insufficient policy enforcements, and incorrect security UI vulnerabilities.

The new browser release also includes patches for six high-severity use-after-free flaws in WebAudio, WebRTC, TabStrip, TabGroups, WebUI, and WebAuthentication. The eighth high-risk security bug is an out-of-bounds write in TabStrip.

A bug bounty of $15,000 was also rewarded by Google for the low-severity out-of-bounds read bug, tracked as CVE-2021-30536, which influences the Chrome V8 JavaScript engine, while addressing it in Chrome 91.

It is to note that the Chrome V8 JavaScript Engine was detected with two critical bugs that were made public. These included a proof-of-concept (PoC) exploit that was published before patches arrived, while the other was patched back in April.

The Google Chrome update is currently rolling out to Windows, Mac, and Linux users as Chrome 91.0.4472.77.

Exit mobile version