Google fixes 15th and 16th Chrome zero-day this year

Google has released security updates today for its Chrome web browser, including a patch to address two zero-day vulnerabilities that were exploited in the wild.

The updates are part of Chrome version 95.0.4638.69, which is now available via the browser's built-in udpate mechanism.

The two zero-days are CVE-2021-38000 and CVE-2021-38003, and are the 15th and 16th zero-days that Google has patched this year—the most Google has patched in Chrome in any single calendar year since the browser's first release in 2008.

As it's standard policy, Google has not shared any details about today's patches or the attack scenarios in which the two zero-days were used—in order to give users a safe period of time to patch before other threat actors start abusing today's fixes.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Catalin Cimpanu

Catalin Cimpanu

is a cybersecurity reporter who previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.