The good and the bad with Chrome web browser's new security defaults It will also lower the minimum price limit of Android apps, in-app purchases, and subscriptions in 20 markets. Google to shorten Chrome update cycle to four weeks The advisory thanked five researchers for their contributions and added that its own ongoing security work was responsible for a wide range of fixes. 'Google is aware of reports that exploits for CVE-2021-21224 exist in the wild,' he wrote. In an advisory penned by Chrome technical program manager Srinivas Sista, five vulnerabilities were detailed: CVE-2021-21222 heap buffer overflow in V8, CVE-2021-21223 integer overflow in Mojo, CVE-2021-21225 out of bounds memory access in V8, CVE-2021-21226 use after free in navigation, and CVE-2021-21224 type confusion in V8. The zero-day, which was assigned the identifier of CVE-2021-21224, was described as a 'type confusion in V8'.
The release contains seven security fixes, including one for a zero-day vulnerability that was exploited in the wild. 85 of the Chrome browser for Windows, Mac, and Linux.