Google said the bug was exploited in attacks in the wild before a security researcher named Mattias Buelens reported the issue to its engineers on January 24. The zero-day, which was assigned the identifier of CVE-2021-21148, was described as a “heap overflow” memory corruption bug in the V8 JavaScript engine. Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild.ĬNET reports on the background, which saw security researchers as one of the targets. High CVE-2021-21148: Heap buffer overflow in V8. Please see the Chrome Security Page for more information. Google characterizes it as a high-risk flaw. If you use Chrome for Mac, you’ll want to be sure it’s updated today: Google has just fixed a vulnerability that was being actively exploited by North Korean hackers …
0 kommentar(er)
