The official blogpost of Google reads, “The Stable channel has been updated to 96.0.4664.110 for Windows, Mac and Linux which will roll out over the coming days/weeks. The extended stable channel has also been updated to 96.0.4664.110 for Windows and Mac which will roll out over the coming days/weeks.”
The new version was launched by the company rather quickly so that it could patch up a CVE-2021-4102 vulnerability. The vulnerability has been used by hackers. Moreover, the new update also offers to patch up to four additional vulnerabilities. It should be noted that Google could launch the next Chrome 97 version in the upcoming few days.
However, at this point, it is not clear how the hackers are exploiting this flaw in real-world attacks. Google did issue a statement that says, “it’s aware of reports that an exploit for CVE-2021-4102 exists in the wild.” The announcement was made so that a majority of users will be kept in the loop as to when the updates come with a probable fix to the issue, and to further prevent the exploitation by other threat actors.
The patched vulnerabilities include CVE-2021-4098 which poses a great threat due to insufficient data verification in Mojo, CVE-2021-4099 is a vulnerability for Swiftshader, CVE-2021-4100 has a problem with the life cycle of the object and CVE-2021-4101 has a stacked buffer overflow vulnerability.
Users can check the version of their respective browsers to start with manual updates.