The sixth zero day of Google Chrome was talk of the town during the June 2021 Patch Tuesday. The earlier 5 zero days were:
- CVE-2021-21148 – February 4th, 2021
- CVE-2021-21166 – March 2nd, 2021
- CVE-2021-21193 – March 12th, 2021
- CVE-2021-21220 – April 13th, 2021
- CVE-2021-21224 – April 20th, 2021
The vulnerability was discovered by Sergei Glazunov of Google Project Zero and is being tracked as CVE-2021-30551.
Google Chrome prior to 91.0.4472.101
Google has released Chrome 91.0.4472.101 for Windows, Mac, and Linux to fix 14 security vulnerabilities, with 1 zero-day vulnerability exploited in the wild and tracked as CVE-2021-30551.
One can perform a manual update by going to Settings > Help > About Google Chrome.
Qualys customers can scan their network with QID 375622 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage on latest vulnerabilities.
References and Sources