It is more important than usual to update to the latest version of Chrome. Version 88.0.4324.150 of Google’s browser Chrome released on Thursday fixes a vulnerability which the search giant says is actively being exploited in the wild. The update is rolling out now across Windows, Mac, and Linux.
The vulnerability details, called CVE-2021-21148, are currently being kept under cover "until a majority of users are updated with a fix", according to a post on Google’s security update blog on Thursday. Discretion is typical of companies facing security risks that are still very active, but Google noted that the bug was used in attacks before it was reported to engineers by user Mattias Buelens on January 24.
Just two days after Buelens brought the bug to Google’s attention, Google’s threat analysis team issued a warning to cybersecurity researchers that North Korean hackers were targeting researchers working on sensitive topics, in part by luring researchers to blogs that exploited browser vulnerability.
