Google updates Chrome browser fixes notable bug
image for illustrative purpose
Google has updated the Chrome browser to 91.0.4472.114 and the most notable thing about the update is that it fixes the seventh documented zero-day exploit for the web browser this year.
Google Chrome will attempt to auto-update when you open it the next time but you can trigger the update manually by clicking on the 'three dots' to the top right, selecting settings and then about Chrome. The browser will then update and relaunch.
Google has provided no updates on what the zero-day exploit was and why it needed to be fixed but it did confirm that it was aware that the bug was being exploited in the wild. It didn't specify the use case or the cases already logged.
The exploit itself seems to be caused by a security weakness in WebGL which is a JavaScript API used for rendering 2D and 3D graphics on the browser. This marks the seventh vulnerability found in Google's browser this year and Kaspersky technologies has uncovered a threat actor known only as the Puzzlemaker who has been successful in chaining together various zero-day bugs in the browser to run malware on Windows systems.
These bugs were found after Kaspersky noticed a pattern of targeted attacks against companies using an undiscovered chain of zero-day exploits in both Google Chrome and Windows 10.