Google has just pushed an unplanned update to the Chrome browser to Windows, Mac, and Linux platforms to fix a high-risk zero-day vulnerability that is being widely exploited. Google noted in a security bulletin on Monday that it had received reports of wild exploits of the CVE-2021-4102 vulnerability, which stemmed from a "Use-After-Free" vulnerability in the Chrome V8 JavaScript engine.
(From Google Blog)
Bleeping Computer
States that UAF is a vulnerability related to "improper use of dynamic memory" during program operation.
If the program does not clear the pointer to the memory location after freeing it, an attacker can use this bug to hack into the program and then use it to execute arbitrary code or escape the control of the browser's security sandbox.
It is reported that an anonymous security researcher submitted this vulnerability report to Google. However, until most users have implemented the update fix, the full details of the CVE-2021-4102 vulnerability will not be disclosed.
If your Chrome browser version hasn't been updated to 96.0.4664.110 (such as 96.0.4664.93), click the "Vertical Three-Dot" button (┆) in the upper-right corner of the window as soon as possible. Then move to Help - > About Google Chrome" to get the update, which will take effect after restarting the software.