Buzz
Google has stated that this issue has been exploited in natural attacks prior to Mattias Buelens raising the issue on January 24th. Two days later, Google's security team released a report on cyber attacks by North Korea targeting the cybersecurity community.
Some of these attacks include luring security researchers to a blog where attackers exploited a Chrome zero-day vulnerability to run malicious software on researchers' systems.
On January 28th, Microsoft stated that attackers may have used the Chrome Zero-day vulnerability for their attacks. Additionally, a South Korean security company reported discovering an Internet Explorer Zero-day vulnerability used in these attacks.
- Read more: What is a Zero-Day vulnerability?
Google did not disclose whether CVE-2021-21148 vulnerability was used in the aforementioned attacks, although many security researchers believe it to be true due to two closely occurring events.
Regardless of where or how the vulnerability is being exploited, users should utilize Chrome's integrated update feature to upgrade their browser to the latest version as soon as possible. You can find this feature in Settings > Help > About Google Chrome.
Download link for the latest Google Chrome:
- Install now: Coc Coc.
