Google has released Chrome v90 recently that has many bug fixes and security features. These include making the HTTPS sites default and patching various bugs in V8, including a zero-day vulnerability. Thanking the researchers who contributed to solving them, Google also announced to lower the prices for Android app purchases and in-app purchases.
Google Patched Critical Vulnerabilities in Chrome
Google rolled out Chrome v90.0.4430.85 for Windows, Linux, and Mac yesterday, which has fixes for seven bugs and some security features to make your browsing experience safe. The bugs were spotted in V8 of Chrome, and are of various nature. Though Google didn’t disclose more details about them, they can be noted with CVE identifiers assigned to them. These are;
CVE-2021-21222 – heap buffer overflow in V8
CVE-2021-21223 – integer overflow in Mojo
CVE-2021-21225 – out of bounds memory access in V8
CVE-2021-21226 – use after free in navigation and
CVE-2021-21224 – type confusion in V8.
Out of these, the CVE-2021-21224 confusion in V8 was named to be a zero-day bug and is actively being exploited in wild. Besides patching these, the v90 of Chrome has also new lowered prices for Android apps purchases, in-app purchases, and subscriptions in 20 countries.
Furthermore, the biggest security addition in Chrome v90 is the forcing of websites to comply with HTTPS protocol. This ensures the websites visited are safe, having an SSL certificate and is protected. While this marks for safe browsing, it also breaks the experience if the concerned site doesn’t have a HTTPS version.
Other Trending News:- News