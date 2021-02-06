Google Chrome is the most used web browser on the market and has a market share close to 70%. This means that any security problem affects tens of millions of Internet users. And in this case more, because it also affects other Chromium-based browsers, such as Edge, Opera or Vivaldi.

Google has patched a zero-day vulnerability in the desktop version of your browser. The 88.0.4324.150 It is already available for Windows, Mac and Linux and should be updated immediately because an active exploit has been located.

The vulnerability has been labeled as CVE-2021-21148 and lies in a heap buffer overflow in the open source V8 JavaScript rendering engine used in Chrome and other Chromium-based developers.

While it is typical of Google to limit information until most users are up-to-date, the development comes weeks after the Internet giant and Microsoft revealed the attacks carried out by North Korean hackers against security researchers, through a elaborate social engineering campaign to install a backdoor in Windows. It has not been reported if they are related to this Google Chrome bug.

Google patched five 0-Days for Chrome in Q4 2020, among them a memory corruption flaw in the FreeType font rendering library. The bug was critical like the current one and was being actively exploited.

Due to gravity and exploitation it is recommended We strongly encourage users to install the latest version of Google Chrome or updating installed versions to the latest 88.0.4324.150, using the function installed in the browser in Settings> Help> Google Chrome Information. The bug affects other Chromium-based browsers as it lies in the open source V8 engine that they all use.