Google released Chrome 89 with several security fixes, including Chrome zero-day bug that is being exploited in wide.
The zero-day bug marked as high severity and is existing in the Object lifecycle in audio allows attackers to exploit and take over the complete browser control.
The vulnerability (CVE-2021-21166) was reported by Alison Huffman, Microsoft Browser Vulnerability Research on 2021-02-11.
“Google is aware of reports that an exploit for CVE-2021-21166 exists in the wild”, Google said.
The security updates including 47 security patches including, 8 High severity bugs, 16 “Medium” severity bugs, and 23 Low severity bugs.
Google rewarded the highest reward of $10000 for the Heap buffer overflow in TabStrip (CVE-2021-21159) that was reported by Khalil Zhani on 2021-01-27.
Another Heap buffer overflow vulnerability (CVE-2021-21161) in TabStrip and WebAudio (CVE-2021-21160) reported by Khalil Zhani and Marcin ‘Icewall’ Noga of Cisco Talos received $7500 each as a…