Google has released an update for its Chrome web browser that fixes a range of vulnerabilities, including a zero-day flaw that is actively being exploited in the wild. The vulnerability affects the Windows, macOS, and Linux versions of the popular browser.

According to Google’s security update describing the newly disclosed zero-day vulnerability, “Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild.” The exploit stems from a “type confusion” error in the V8 open-source JavaScript engine used in Chrome and other Chromium-based web browsers.

According to researchers, a remote attacker could exploit the vulnerability by manipulating an unwitting victim into visiting a specially crafted website they created, triggering the type confusion error, then executing arbitrary code on the affected system. Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

While there is no single way to prevent being targeted, BW Cyber Services can help you develop a comprehensive cyber compliance security program to prevent and respond to future attacks which affect your operations. We can assess the risks in your organization, review your response plans, conduct phishing campaigns and penetration testing, and we offer a variety of other services to meet your cybersecurity needs. For more information on how BW Cyber Services can assist you, please contact us at info@bwcyberservices.com.