Google Patches RCE Vulnerability in the New Chrome Update Release
August 4, 2021
Google has released Chrome Version 92.0.4515.131 for Windows, Mac and Linux.
The update patches 10 vulnerabilities, including a high severity vulnerability which may lead to Remote Code Execution on the affected system.
The Remote Code Execution Vulnerability
- CVE-2021-30590 (High Severity)
A sandbox escape vulnerability that can be “exploited in combination with an extension or a compromised renderer.”
An attacker can leverage the vulnerability to achieve remote code execution outside Chrome’s sandbox.
Affected Versions
- Google Chrome for Desktop prior version 92.0.4515.131.
Mitigation
CYREBRO recommends updating Chrome for Desktop to the latest available release (92.0.4515.131 at minimum).
References: Google Chrome Releases
CYREBRO Cyber Threat Intelligence (CTI) alerts are researched and published by CYREBRO threat intelligence specialists. The aim is to share information about the latest threats and vulnerabilities and provide recommended mitigation tactics.
