Google reveals two zero-day vulnerabilities have been under attack, the same day Apple released an emergency patch for iOS.
... [+]Google has revealed that two weaknesses in Chrome are under active attack, as users have been urged to update their browser to avoid becoming a victim.
They were reported to Google via an anonymous party and were given a severity rating of “high.” Little more information was provided on where or how the vulnerabilities - known as zero-days, as developers have “zero days” to fix the flaw before it’s been abused by malicious hackers - have been exploited.
The updated version will roll out for Windows, Mac and Linux users “over the coming days/weeks,” Google said in aMonday was a big day for significant security updates. Google also revealed nine other vulnerabilities rated “high” severity that were patched in the latest Chrome release. Two of those were deemed serious enough to warrant a $7,500 payout to the security researchers who found them.
This year has seen a significant number of active campaigns exploiting zero-day weaknesses in major software, with Microsoft tools the top target. According to former Kaspersky cybersecurity expert and podcaster Ryan Naraine, there have been 66 zero-day attacks so far in 2021.