Highlights
- Around 2.6 billion Google Chrome users are on high alert after the company confirmed multiple new high-level hacks.
- The company has confirmed an exploit of CVE-2021-37973, exists in the wild.
- Hackers have attacked the browser by double digits UAF attacks in September.
Google Chrome’s 2.6 billion users need to be on high alert as the company has confirmed multiple new high-level hacks. On Sunday, the tech major has rolled out security update for the same urging the Chrome users to update their browsers to the latest version.

Representative Image Source: © Jirsak | Megapixl.com, image description – Google logo
There has been a critical security loophole, due to which it was found to be under active exploitation by the hackers prior to Google’s roll out of any fix.
RELATED READ - Google dominated Australian online advertising: ACCC
Google has confirmed four high level threats last weekend coming just days after Chrome’s 12th and 13th zero-day exploits of the year. These zero-day exploits impact macOS, Linux and the Windows users.
What is this new threat?
In its blog, Google has confirmed that an exploit of CVE-2021-37973, exists in the wild. Such kind of security flaws are more dangerous than the regular security loopholes.
The company published a new blog post revealing the confirmed threats that users need to take immediate action. Previously, it has warned the user against a zero-day exploit called CVE-2021-30563 and now another dangerous threat has appeared that the company was already aware of.
Google is currently restricting information about these hacks to purchase time for Chrome users to upgrade, consequently, given below are the current information:
- High – CVE-2021-37977 – Use after free in Garbage Collection.
- High – CVE-2021-37978 – Heap buffer overflow in Blink.
- High – CVE-2021-37979 – heap buffer overflow in the WebRTC.
- High – CVE-2021-37980- Inappropriate implementation in the sandbox.
While these descriptions don’t provide a lot of information, it is quite interesting to see continued attacks on Chrome with “Use-After-Free” (UAF) exploits. Hackers have attacked the browser by double digits UAF attacks in September and have already exploited a zero-day UAF flaw this month, ahead of the latest discovery.

Representative Image Source: © Jirsak | Megapixl.com, Image description – Cyber attack
Lessons to learn from the hack –
In the wake of Google’s warning last week, the company has provided some tips for the users that can be taken as lessons –
- According to the manual, users can navigate to the settings > help > about Google Chrome and check the Google Chrome version.
- Google versions of 94.0.4606.61 or more are considered safer. The users who don’t have this version, can wait or else can turn off their machine.
- When the users have updated their browsers to the latest version, they need to perform the crucial final step that is to restart Chrome.
According to tech experts -
- Users are advised to use stable channel update which is provided by Google to vulnerable systems immediately after appropriate testing.
- Run all the software as a non-privileged user or one without administrative privileges to diminish the aftereffects of an attack.
- Do not visit any un-trusted website while surfing on the internet.
- Users must not follow links which are provided by untrusted or unknown sources.
- Users need to be very careful as there are some major possible threats attached to the hypertext links contained in the emails or attachments.
- One should apply the principle of least privilege to all the systems and services.
- The users should update their browsers to the latest version.
- It is very important for the Chrome users to follow the latest necessary guidelines to avoid such risks.
- Proper security fix should be ensured when its recommended.
- Users should keep checking for the update until it is available on their browser, and must follow the necessary security fix – install the update and restart Chrome.