Alphabet Inc.'s Google LLC. has issued an immediate update alerting Chrome web browser users of an immediate threat.
The alert is the second urgent update released by the company over the past seven days. However, the latest alert appears to have market participants unfazed. Alphabet's shares are expected to open up 2.4% at $2,405.00 each Monday EDT after a 1.34% fall late Friday to $2,402.22
The company's Chrome browser is the most used browser application - holding a 69.28% market share, according to NetMarketShare.com. Google said the browser had more than 2 billion users worldwide.
Successful exploitation of the flaw could mean corruption of valid data, leading to a crash, and even execution of unauthorized code or commands, The Hacker News reported.
The issue was reported to Google anonymously June 15, Chrome technical program manager Srinivas Sista said and added the company was "aware an exploit for CVE-2021-30554 exists in the wild."
In its latest blog Google says all users may be in danger if they don't immediately update browsers. In an official post published Monday, Google confirmed the existence of a new zero-day exploit, which it said was discovered after an anonymous tipoff.
Most software security flaws and exploits are discovered and patched before they get into the wild. However, the zero-day classification means that the vulnerability is already being actively used by hackers.
Google said it had already released an update to patch the security flaw, which was identified as an "exploit for CVE-2021-30554." The company didn't elaborate on what the vulnerability was but said it was found in the WebGL component of its browser. The component is a JavaScript application programming interface used for rendering.
Google said the update contained fixes for three other "high-level threats" in older versions of Chrome. Google advised users to immediately update their browsers through the "About Google Chrome" menu under the application's settings.
The latest exploit is the seventh zero-day alert sent out by the company since the start of the year. It is the second within the past seven days. Google typically releases patches within days of an exploits' discovery but experts have advised users to be extra vigilant.
Cybersecurity company Kaspersky Lab recently issued a warning to Chrome users of potential attacks. The company said a group of hackers calling themselves "PuzzleMaler" had discovered how to chain together zero-day bugs within the Chrome browser to forcefully install malware on Windows operating systems.
Microsoft also issued urgent security warnings for its users, informing them of the group and the exploit.
