Chrome Browser Bug Under Active Attack

Google is warning that a bug in its Chrome web browser is actively under attack, and it is urging users to upgrade to the latest 91.0.4472.101 version to mitigate the issue.

In all, Google rolled out fixes for 14 bugs impacting its Windows, Mac and Linux browsers as part of its June update to the Chrome desktop browser.

“Google is aware that an exploit for CVE-2021-30551 exists in the wild,” wrote Chrome technical program manager Prudhvikumar Bommana in a Wednesday post. That exploit is identified as a type confusion bug within Google’s V8 open-source JavaScript and WebAssembly engine.
The confusion vulnerability is tied to the browser’s ActionScript Virtual Machine. “Usually, when a piece of code doesn’t verify the type of object that is passed to it, and uses it blindly without type-checking, it leads to type confusion,” according to a technical description of the bug.

Possible Wider Impact of Exploited Chrome Browser Bug

The update coincides with the release of the Android Chrome browser to Chrome 91 (91.0.4472.101), also on Wednesday. While the desktop and mobile versions of the Chrome web browser share the same version number, it is unclear if the updated Android Chrome browser is impacted by the same vulnerabilities.

Also unclear is if Microsoft’s Edge browser, based on the Chromium open-source browser codebase (principally developed and maintained by Google), is also impacted.

In related news, on Tuesday, Microsoft released a patch for vulnerabilities under active attack, including CVE-2021-33742, impacting its Edge browser. That bug is a remote-code execution (RCE) vulnerability within the Edge browser’s MSHTML component.

“The MSHTML platform is used by Internet Explorer mode in Microsoft Edge as well as other applications through WebBrowser control,” Microsoft explained.

Critical Browser Cache Bug: CVE-2021-30544

As part of the June Chrome update, Google patched a critical use-after-free bug (CVE-2021-30544) within the browser’s optimization engine called BFCache. This browser component enables back-and-forward navigation between cached webpages within Chrome.

As customary with recently disclosed bugs, Google did not release the details tied to any of the vulnerabilities patched Wednesday. “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” the Google advisory stated.

Google credits Rong Jian and Guang Gong of 360 Alpha Lab for finding the BFCache bug in May. For their bug hunting efforts, the pair earned $25,000.

Download our exclusive FREE Threatpost Insider eBook,****“2021: The Evolution of Ransomware,”**** to help hone your cyber-defense strategies against this growing scourge. We go beyond the status quo to uncover what’s next for ransomware and the related emerging risks. Get the whole story andDOWNLOAD** the eBook now – on us!**