<link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3448621598664628523&zx=9efb3356-ba5c-49ad-a811-f7f7e4d26e44' media='none' onload='if(media!='all')media='all'' rel='stylesheet'/><noscript><link href='https://www.blogger.com/dyn-css/authorization.css?targetBlogID=3448621598664628523&zx=9efb3356-ba5c-49ad-a811-f7f7e4d26e44' rel='stylesheet'/></noscript>
<meta name='google-adsense-platform-account' content='ca-host-pub-1556223355139109'/>
<meta name='google-adsense-platform-domain' content='blogspot.com'/>

<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1618281995222563&host=ca-host-pub-1556223355139109" crossorigin="anonymous"></script>

<!-- data-ad-client=ca-pub-1618281995222563 -->

<link rel="stylesheet" href="https://fonts.googleapis.com/css2?display=swap&family=Playfair+Display&family=Indie+Flower&family=Open+Sans&family=Poppins"></head><body>

Customize your view

Setting applies to this browser only

Background

Light
Dark
System default

Google Fixed two Vulnerabilities in Chrome, Including 0Day

Admin

April 14, 2021

Table of Contents

Google specialists have released a new version of the Chrome browser (89.0.4389.128) for Windows, macOS and Linux, fixing two vulnerabilities, for one of which there is already a PoC code, and the second is actively exploited in attacks.

In the first case, we are talking about the vulnerability CVE-2021-21220 in the rendering JavaScript engine V8, demonstrated by experts as part of the Pwn2Own 2021 competition.

As a reminder, security researcher Rajwardhan Agarwal published a working exploit for exploiting CVE-2021-21220 by reverse engineering the patch in the source code of the browser component. Agarwal also reported another vulnerability affecting Chromium-based browsers. The issue has been fixed in other browsers, however the latest release of Chrome remains vulnerable to attacks.

“The problems are different in nature, both of them can be used to remotely execute code during rendering,” the specialist explained.

Another vulnerability, CVE-2021-21206 , is a post-release exploit issue in the Blink browser engine for Chromium. According to Google, it is already being used in real attacks, but the company, as usual, does not disclose the details until the majority of users have installed the update.

Read Also

Share:

You may like these posts Show all

Post a Comment

<script type="text/javascript" src="https://www.blogger.com/static/v1/widgets/2613211189-widgets.js"></script>
<script type='text/javascript'>
window['__wavt'] = 'AOuZoY7sVyZbYbl8yaOWoD3YxIFgjD8syQ:1722043475094';_WidgetManager._Init('//www.blogger.com/rearrange?blogID\x3d3448621598664628523','//www.cyberkendra.com/2021/04/google-fixed-two-vulnerabilities-in.html','3448621598664628523');
_WidgetManager._SetDataContext([{'name': 'blog', 'data': {'blogId': '3448621598664628523', 'title': 'Cyber Kendra', 'url': 'https://www.cyberkendra.com/2021/04/google-fixed-two-vulnerabilities-in.html', 'canonicalUrl': 'https://www.cyberkendra.com/2021/04/google-fixed-two-vulnerabilities-in.html', 'homepageUrl': 'https://www.cyberkendra.com/', 'searchUrl': 'https://www.cyberkendra.com/search', 'canonicalHomepageUrl': 'https://www.cyberkendra.com/', 'blogspotFaviconUrl': 'https://www.cyberkendra.com/favicon.ico', 'bloggerUrl': 'https://www.blogger.com', 'hasCustomDomain': true, 'httpsEnabled': true, 'enabledCommentProfileImages': true, 'gPlusViewType': 'FILTERED_POSTMOD', 'adultContent': false, 'analyticsAccountNumber': 'G-YN9DJXCC22', 'analytics4': true, 'encoding': 'UTF-8', 'locale': 'en', 'localeUnderscoreDelimited': 'en', 'languageDirection': 'ltr', 'isPrivate': false, 'isMobile': false, 'isMobileRequest': false, 'mobileClass': '', 'isPrivateBlog': false, 'isDynamicViewsAvailable': true, 'feedLinks': '\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.cyberkendra.com/feeds/posts/default\x22 /\x3e\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/rss+xml\x22 title\x3d\x22Cyber Kendra - RSS\x22 href\x3d\x22https://www.cyberkendra.com/feeds/posts/default?alt\x3drss\x22 /\x3e\n\x3clink rel\x3d\x22service.post\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.blogger.com/feeds/3448621598664628523/posts/default\x22 /\x3e\n\n\x3clink rel\x3d\x22alternate\x22 type\x3d\x22application/atom+xml\x22 title\x3d\x22Cyber Kendra - Atom\x22 href\x3d\x22https://www.cyberkendra.com/feeds/4716238121549832535/comments/default\x22 /\x3e\n', 'meTag': '', 'adsenseClientId': 'ca-pub-1618281995222563', 'adsenseHostId': 'ca-host-pub-1556223355139109', 'adsenseHasAds': true, 'adsenseAutoAds': true, 'boqCommentIframeForm': true, 'loginRedirectParam': '', 'view': '', 'dynamicViewsCommentsSrc': '//www.blogblog.com/dynamicviews/4224c15c4e7c9321/js/comments.js', 'dynamicViewsScriptSrc': '//www.blogblog.com/dynamicviews/cb9ac0d38b292957', 'plusOneApiSrc': 'https://apis.google.com/js/platform.js', 'disableGComments': true, 'interstitialAccepted': false, 'sharing': {'platforms': [{'name': 'Get link', 'key': 'link', 'shareMessage': 'Get link', 'target': ''}, {'name': 'Facebook', 'key': 'facebook', 'shareMessage': 'Share to Facebook', 'target': 'facebook'}, {'name': 'BlogThis!', 'key': 'blogThis', 'shareMessage': 'BlogThis!', 'target': 'blog'}, {'name': 'Twitter', 'key': 'twitter', 'shareMessage': 'Share to Twitter', 'target': 'twitter'}, {'name': 'Pinterest', 'key': 'pinterest', 'shareMessage': 'Share to Pinterest', 'target': 'pinterest'}, {'name': 'Email', 'key': 'email', 'shareMessage': 'Email', 'target': 'email'}], 'disableGooglePlus': true, 'googlePlusShareButtonWidth': 0, 'googlePlusBootstrap': '\x3cscript type\x3d\x22text/javascript\x22\x3ewindow.___gcfg \x3d {\x27lang\x27: \x27en\x27};\x3c/script\x3e'}, 'hasCustomJumpLinkMessage': false, 'jumpLinkMessage': 'Read more', 'pageType': 'item', 'postId': '4716238121549832535', 'postImageThumbnailUrl': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT87WVvNjyG5xQ2vlFD3xcUxVjnd8LLo20Fr0ubZ6VZxXMEqR4vFKuiG75Dvd6DVZDG2kizOEHxFqpzbr4lCc9A88Zf_k6gOyH4J-9XqylLnCjwBh5A4rp4xAAJMek63rBp-oFqBUfE6E/s72-w640-c-h320/Google-Chrome-Zero-Day.png+%25281%2529.webp', 'postImageUrl': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT87WVvNjyG5xQ2vlFD3xcUxVjnd8LLo20Fr0ubZ6VZxXMEqR4vFKuiG75Dvd6DVZDG2kizOEHxFqpzbr4lCc9A88Zf_k6gOyH4J-9XqylLnCjwBh5A4rp4xAAJMek63rBp-oFqBUfE6E/w640-h320/Google-Chrome-Zero-Day.png+%25281%2529.webp', 'pageName': 'Google Fixed two Vulnerabilities in Chrome, Including 0Day', 'pageTitle': 'Cyber Kendra: Google Fixed two Vulnerabilities in Chrome, Including 0Day', 'metaDescription': 'PoC code already exists on the web to exploit one of the patched vulnerabilities.'}}, {'name': 'features', 'data': {}}, {'name': 'messages', 'data': {'edit': 'Edit', 'linkCopiedToClipboard': 'Link copied to clipboard!', 'ok': 'Ok', 'postLink': 'Post Link'}}, {'name': 'template', 'data': {'name': 'custom', 'localizedName': 'Custom', 'isResponsive': true, 'isAlternateRendering': false, 'isCustom': true}}, {'name': 'view', 'data': {'classic': {'name': 'classic', 'url': '?view\x3dclassic'}, 'flipcard': {'name': 'flipcard', 'url': '?view\x3dflipcard'}, 'magazine': {'name': 'magazine', 'url': '?view\x3dmagazine'}, 'mosaic': {'name': 'mosaic', 'url': '?view\x3dmosaic'}, 'sidebar': {'name': 'sidebar', 'url': '?view\x3dsidebar'}, 'snapshot': {'name': 'snapshot', 'url': '?view\x3dsnapshot'}, 'timeslide': {'name': 'timeslide', 'url': '?view\x3dtimeslide'}, 'isMobile': false, 'title': 'Google Fixed two Vulnerabilities in Chrome, Including 0Day', 'description': 'PoC code already exists on the web to exploit one of the patched vulnerabilities.', 'featuredImage': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT87WVvNjyG5xQ2vlFD3xcUxVjnd8LLo20Fr0ubZ6VZxXMEqR4vFKuiG75Dvd6DVZDG2kizOEHxFqpzbr4lCc9A88Zf_k6gOyH4J-9XqylLnCjwBh5A4rp4xAAJMek63rBp-oFqBUfE6E/w640-h320/Google-Chrome-Zero-Day.png+%25281%2529.webp', 'url': 'https://www.cyberkendra.com/2021/04/google-fixed-two-vulnerabilities-in.html', 'type': 'item', 'isSingleItem': true, 'isMultipleItems': false, 'isError': false, 'isPage': false, 'isPost': true, 'isHomepage': false, 'isArchive': false, 'isLabelSearch': false, 'postId': 4716238121549832535}}, {'name': 'widgets', 'data': [{'title': 'Template Code (Do not disable)', 'type': 'HTML', 'sectionId': 'settings', 'id': 'HTML45'}, {'title': 'Cyber Kendra (Header)', 'type': 'Header', 'sectionId': 'header', 'id': 'Header1'}, {'title': 'Recent searches', 'type': 'HTML', 'sectionId': 'custom_searches', 'id': 'HTML2'}, {'title': 'Most popular', 'type': 'PopularPosts', 'sectionId': 'custom_searches', 'id': 'PopularPosts2', 'posts': [{'title': 'Download ExaGear APK + obb - Windows Emulator for Android', 'id': 3731719425182612328}, {'title': 'Pirates Bay Proxy List 2024: Unblock Pirate Bay [July Updated]', 'id': 7709902560608743927}, {'title': 'Kickass Proxy List 2024 KATcr Proxy (UPDATED) Unblocked Mirrors', 'id': 2546342129604073619}, {'title': 'How to Secure Code Repositories and Version Control for Remote Teams', 'id': 2166288539051566398}, {'title': 'CrowdStrike Update Triggers Global IT Outages', 'id': 7615097514216453870}, {'title': 'Best Fmovies Alternatives - Unblocked Fmovies', 'id': 3806278278290303892}]}, {'title': 'Live Search', 'type': 'HTML', 'sectionId': 'custom_searches', 'id': 'HTML3'}, {'title': 'Menu', 'type': 'LinkList', 'sectionId': 'section', 'id': 'LinkList1'}, {'title': '', 'type': 'HTML', 'sectionId': 'billboard_ads', 'id': 'HTML6'}, {'title': 'Blog Posts', 'type': 'Blog', 'sectionId': 'main', 'id': 'Blog1', 'posts': [{'id': '4716238121549832535', 'title': 'Google Fixed two Vulnerabilities in Chrome, Including 0Day', 'featuredImage': 'https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiT87WVvNjyG5xQ2vlFD3xcUxVjnd8LLo20Fr0ubZ6VZxXMEqR4vFKuiG75Dvd6DVZDG2kizOEHxFqpzbr4lCc9A88Zf_k6gOyH4J-9XqylLnCjwBh5A4rp4xAAJMek63rBp-oFqBUfE6E/w640-h320/Google-Chrome-Zero-Day.png+%25281%2529.webp', 'showInlineAds': false}], 'footerBylines': [{'regionName': 'footer1', 'items': [{'name': 'author', 'label': 'Oleh'}, {'name': 'timestamp', 'label': 'pada tanggal'}, {'name': 'comments', 'label': 'Post a Comment'}, {'name': 'share', 'label': ''}]}, {'regionName': 'footer2', 'items': [{'name': 'labels', 'label': ''}]}], 'allBylineItems': [{'name': 'author', 'label': 'Oleh'}, {'name': 'timestamp', 'label': 'pada tanggal'}, {'name': 'comments', 'label': 'Post a Comment'}, {'name': 'share', 'label': ''}, {'name': 'labels', 'label': ''}]}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'top_ads', 'id': 'HTML90'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'middle_ads_1', 'id': 'HTML91'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'parallax_ads', 'id': 'HTML92'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'middle_ads_2', 'id': 'HTML93'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'bottom_ads', 'id': 'HTML94'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'matched_content_ads', 'id': 'HTML75'}, {'title': 'Trending!', 'type': 'PopularPosts', 'sectionId': 'sidebar', 'id': 'PopularPosts1', 'posts': [{'title': 'Download ExaGear APK + obb - Windows Emulator for Android', 'id': 3731719425182612328}, {'title': 'Pirates Bay Proxy List 2024: Unblock Pirate Bay [July Updated]', 'id': 7709902560608743927}, {'title': 'Kickass Proxy List 2024 KATcr Proxy (UPDATED) Unblocked Mirrors', 'id': 2546342129604073619}, {'title': 'How to Secure Code Repositories and Version Control for Remote Teams', 'id': 2166288539051566398}, {'title': 'CrowdStrike Update Triggers Global IT Outages', 'id': 7615097514216453870}, {'title': 'Best Fmovies Alternatives - Unblocked Fmovies', 'id': 3806278278290303892}]}, {'title': '', 'type': 'HTML', 'sectionId': 'sticky_sidebar', 'id': 'HTML12'}, {'title': '', 'type': 'HTML', 'sectionId': 'sticky_sidebar', 'id': 'HTML4'}, {'title': 'Footer Credit', 'type': 'HTML', 'sectionId': 'footer_widget_1', 'id': 'HTML38'}, {'title': 'Social Media', 'type': 'LinkList', 'sectionId': 'footer_widget_1', 'id': 'LinkList10'}, {'title': 'Advertisement', 'type': 'HTML', 'sectionId': 'custom_script', 'id': 'HTML5'}]}]);
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML45', 'settings', document.getElementById('HTML45'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HeaderView', new _WidgetInfo('Header1', 'header', document.getElementById('Header1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML2', 'custom_searches', document.getElementById('HTML2'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_PopularPostsView', new _WidgetInfo('PopularPosts2', 'custom_searches', document.getElementById('PopularPosts2'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML3', 'custom_searches', document.getElementById('HTML3'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList1', 'section', document.getElementById('LinkList1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML6', 'billboard_ads', document.getElementById('HTML6'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_BlogView', new _WidgetInfo('Blog1', 'main', document.getElementById('Blog1'), {'cmtInteractionsEnabled': false}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML90', 'top_ads', document.getElementById('HTML90'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML91', 'middle_ads_1', document.getElementById('HTML91'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML92', 'parallax_ads', document.getElementById('HTML92'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML93', 'middle_ads_2', document.getElementById('HTML93'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML94', 'bottom_ads', document.getElementById('HTML94'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML75', 'matched_content_ads', document.getElementById('HTML75'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_PopularPostsView', new _WidgetInfo('PopularPosts1', 'sidebar', document.getElementById('PopularPosts1'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML12', 'sticky_sidebar', document.getElementById('HTML12'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML4', 'sticky_sidebar', document.getElementById('HTML4'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML38', 'footer_widget_1', document.getElementById('HTML38'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_LinkListView', new _WidgetInfo('LinkList10', 'footer_widget_1', document.getElementById('LinkList10'), {}, 'displayModeFull'));
_WidgetManager._RegisterWidget('_HTMLView', new _WidgetInfo('HTML5', 'custom_script', document.getElementById('HTML5'), {}, 'displayModeFull'));
</script>
</body>