Coming Soon...

Q-CERT website is currently under maintenance. We should be back shortly. Thank you for yor patience.

Google Chrome Patch Update- October 2021

Issued: 
Monday, 1 November, 2021
Last Revision: 
Monday, 1 November, 2021
Vendor: 
Google
Product: 
Google Chrome
Severity Level: 
High
Summary: 

As of October 2021, Google has updated Chrome to address high and critical vulnerabilities. The Stable channel has been updated to 95.0.4638.69 for Windows, Mac, and Linux. This update fixes two zeroday vulnerabilities numbered as CVE-2021-38000 and CVE-2021-38003.

As Google reports, the update will roll out over the coming days or weeks.

 

CVE/Vulnerability

Description 

CVSS3.0 Score

CVE-2021-38000

           Insufficient validation of untrusted input in Intents

6.3

CVE-2021-38003

           Inappropriate implementation in V8

6.3

 

                                                                                    Table 1: Vulnerability details

 

 

CVE/Vulnerability 

 

Affected Product(s)

Platform

CVE-2021-38000

                 

Chrome

          Windows, Mac, and Linux

CVE-2021-38003

 

Chrome

          Windows, Mac, and Linux

 

                                                                                    Table 2: Vulnerabe Versions

Recommendation: 

Organizations are advised to check Google support page for Chrome updates and apply it.

References: 
Dev Channel Update for Chrome OS
https://www.zdnet.com/article/google-fixes-two-high-severity-zero-day-flaws-in-chrome/