Google patches new Chrome zero-day bug exploited in attacks<\/title><br \/>\n<\/head><br \/>\n<body><\/p>\n<p>Google has recently deployed an emergency security update to address a newly discovered zero-day vulnerability in its flagship browser, Chrome, marking it the third such incident already reported this year.<\/p>\n<p>This bug, coded as CVE-2021-30663, is under active exploitation by unknown attackers.<\/p>\n<h2 id=\"bug-details\">Details of the Bug and Patch<\/h2>\n<p>The third Google Chrome zero-day vulnerability of 2021, discovered internally by Google Project Zero, is categorised under ‘type confusion’ in the V8 JavaScript engine.<\/p>\n<p>V8 is Google’s open-source JavaScript and WebAssembly engine built for Chrome and Chrome OS.<\/p>\n<p>The tech giant released Chrome version 91.0.4472.101 for Windows, Mac, and Linux platforms, with the robust patch resolving fourteen vulnerabilities in total, including this actively-exploited zero-day bug.<\/p>\n<h2 id=\"exploitation\">The Exploitation<\/h2>\n<p>The cybersecurity community remains in the dark about the specifics of this zero-day exploitation, as Google maintains a policy of limited disclosure until a majority of users have applied the patch.<\/p>\n<p>This activity is aimed at protecting users who haven’t yet secured their browser by making it harder for other cyber threat actors to leverage this zero-day.<\/p>\n<p>However, Google confirms that an anonymous entity has provided evidence of an exploit for CVE-2021-30663 in the wild.<\/p>\n<h2 id=\"security-advice\">Security Advice for Users<\/h2>\n<p>In light of this development, users are strongly advised to manually check their Chrome versions and promptly install the 91.0.4472.101 update.<\/p>\n<p>This can be done by navigating to ‘help’ in the Chrome menu, selecting ‘About Google Chrome’, and applying recommended updates.<\/p>\n<p>Businesses employing Chrome in an enterprise environment should adopt a proactive, rather than reactive, approach towards patch management.<\/p>\n<p>Establishing procedures for regular patch updates and quick responses to emergency patches can considerably strengthen corporate security defenses.<\/p>\n<h2 id=\"previous-exploits\">Previous Zero-Day Exploits in 2021<\/h2>\n<p>This latest development follows two previous zero-day attacks on Google Chrome earlier this year – CVE-2021-21166 and CVE-2021-21193, both of which were subsequently patched.<\/p>\n<p>Cybersecurity experts speculate these exploits were connected to the same threat actor, given their similar characteristics.<\/p>\n<h3 id=\"follow-up-reading\">Follow-Up Reading<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.csoonline.com\/article\/3348386\/zero-day-exploits-what-you-need-to-know.html\" target=\"blank\">Understanding Zero-Day Exploits<\/a><\/li>\n<li><a href=\"https:\/\/www.zdnet.com\/article\/zero-day-bugs-why-do-they-matter\/\" target=\"blank\">Significance of Zero-Day Bugs<\/a><\/li>\n<li><a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/attackers-continue-to-exploit-outdated-software\" target=\"blank\">Attacker Trends: Exploiting Outdated Software<\/a><\/li>\n<\/ul>\n<p><\/body><br \/>\n<\/html><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google patches new Chrome zero-day bug exploited in attacks Google has recently deployed an emergency<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pmpro_default_level":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2,5],"tags":[],"class_list":["post-3490","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","category-news","pmpro-has-access"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3490","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/comments?post=3490"}],"version-history":[{"count":1,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3490\/revisions"}],"predecessor-version":[{"id":3493,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3490\/revisions\/3493"}],"wp:attachment":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media?parent=3490"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/categories?post=3490"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/tags?post=3490"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":3490,"date":"2025-06-03T14:50:46","date_gmt":"2025-06-03T13:50:46","guid":{"rendered":"https:\/\/aegislens.com\/home\/?p=3490"},"modified":"2025-06-03T14:50:46","modified_gmt":"2025-06-03T13:50:46","slug":"latest-google-chrome-update-fixing-critical-zero-day-bug-exposed-in-cyber-attacks","status":"publish","type":"post","link":"https:\/\/aegislens.com\/home\/latest-google-chrome-update-fixing-critical-zero-day-bug-exposed-in-cyber-attacks\/","title":{"rendered":"Latest Google Chrome Update: Fixing Critical Zero-Day Bug Exposed in Cyber Attacks"},"content":{"rendered":"

\n
\nGoogle patches new Chrome zero-day bug exploited in attacks<\/title><br \/>\n<\/head><br \/>\n<body><\/p>\n<p>Google has recently deployed an emergency security update to address a newly discovered zero-day vulnerability in its flagship browser, Chrome, marking it the third such incident already reported this year.<\/p>\n<p>This bug, coded as CVE-2021-30663, is under active exploitation by unknown attackers.<\/p>\n<h2 id=\"bug-details\">Details of the Bug and Patch<\/h2>\n<p>The third Google Chrome zero-day vulnerability of 2021, discovered internally by Google Project Zero, is categorised under ‘type confusion’ in the V8 JavaScript engine.<\/p>\n<p>V8 is Google’s open-source JavaScript and WebAssembly engine built for Chrome and Chrome OS.<\/p>\n<p>The tech giant released Chrome version 91.0.4472.101 for Windows, Mac, and Linux platforms, with the robust patch resolving fourteen vulnerabilities in total, including this actively-exploited zero-day bug.<\/p>\n<h2 id=\"exploitation\">The Exploitation<\/h2>\n<p>The cybersecurity community remains in the dark about the specifics of this zero-day exploitation, as Google maintains a policy of limited disclosure until a majority of users have applied the patch.<\/p>\n<p>This activity is aimed at protecting users who haven’t yet secured their browser by making it harder for other cyber threat actors to leverage this zero-day.<\/p>\n<p>However, Google confirms that an anonymous entity has provided evidence of an exploit for CVE-2021-30663 in the wild.<\/p>\n<h2 id=\"security-advice\">Security Advice for Users<\/h2>\n<p>In light of this development, users are strongly advised to manually check their Chrome versions and promptly install the 91.0.4472.101 update.<\/p>\n<p>This can be done by navigating to ‘help’ in the Chrome menu, selecting ‘About Google Chrome’, and applying recommended updates.<\/p>\n<p>Businesses employing Chrome in an enterprise environment should adopt a proactive, rather than reactive, approach towards patch management.<\/p>\n<p>Establishing procedures for regular patch updates and quick responses to emergency patches can considerably strengthen corporate security defenses.<\/p>\n<h2 id=\"previous-exploits\">Previous Zero-Day Exploits in 2021<\/h2>\n<p>This latest development follows two previous zero-day attacks on Google Chrome earlier this year – CVE-2021-21166 and CVE-2021-21193, both of which were subsequently patched.<\/p>\n<p>Cybersecurity experts speculate these exploits were connected to the same threat actor, given their similar characteristics.<\/p>\n<h3 id=\"follow-up-reading\">Follow-Up Reading<\/h3>\n<ul>\n<li><a href=\"https:\/\/www.csoonline.com\/article\/3348386\/zero-day-exploits-what-you-need-to-know.html\" target=\"blank\">Understanding Zero-Day Exploits<\/a><\/li>\n<li><a href=\"https:\/\/www.zdnet.com\/article\/zero-day-bugs-why-do-they-matter\/\" target=\"blank\">Significance of Zero-Day Bugs<\/a><\/li>\n<li><a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/attackers-continue-to-exploit-outdated-software\" target=\"blank\">Attacker Trends: Exploiting Outdated Software<\/a><\/li>\n<\/ul>\n<p><\/body><br \/>\n<\/html><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Google patches new Chrome zero-day bug exploited in attacks Google has recently deployed an emergency<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pmpro_default_level":"","_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[2,5],"tags":[],"class_list":["post-3490","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","category-news","pmpro-has-access"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3490","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/comments?post=3490"}],"version-history":[{"count":1,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3490\/revisions"}],"predecessor-version":[{"id":3493,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/posts\/3490\/revisions\/3493"}],"wp:attachment":[{"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/media?parent=3490"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/categories?post=3490"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aegislens.com\/home\/wp-json\/wp\/v2\/tags?post=3490"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}