Google Releases Emergency Update to Fix Two Chrome Zero Days

On Thursday evening, Google released Chrome version 94.0.4606.71 for Windows, macOS, and Linux to fix four vulnerabilities, two of which are zero days being actively exploited in the wild. It’s the second pair of zero days for Chrome this month - all of which are being actively exploited.

The two zero days patched with the latest Chrome version include CVE-2021-37975, which is a high severity use after free vulnerability in V8, the open source JavaScript and WebAssembly engine for Chrome. A use after free vulnerability is an incorrect use of dynamic memory by a program, which may allow an attack to corrupt data, crash programs, or execute arbitrary code. The second zero day patched is CVE-2021-37976, a medium severity vulnerability only referenced as an “information leak in core” by Google.

Action Required

Google has released Chrome version 94.0.4606.71, which addresses the zero days for Windows, macOS, and Linux. Since the update includes two zero days that are being actively exploited in the wild, we strongly recommend patching as soon as possible.

Patch your devices immediately via the Software menu in Automox, simply by searching for the Chrome version (94.0.4606.71) and selecting “Patch Now” to instantly remediate. You’ll need to “Patch Now” for macOS, Windows, and Linux separately with this methodology if you have devices running any of the three OSes with Chrome installed.

Chrome software in Automox console

If you don’t have an existing policy to patch Chrome, you can create a patch only policy to update Chrome across Windows, macOS, and Linux. No need to insert a schedule if you plan to run the policy manually.

Create Patch Only Policy for Chrome Vulnerability in Automox

Once you create the policy, you can run it manually from the policy menu to instantly remediate.

Run policy to fix Chrome vulnerability in Automox

Affected Versions

Chrome versions 93.0.4577.95 and prior

About Automox Automated IT Operations

Today’s IT leaders deserve better than tedious legacy tools to manage their infrastructure. From our single cloud-native platform, automate and scale your IT operations to meet the growing business demands of the modern workforce. With complete visibility of your entire environment, you can easily monitor, identify, and respond to issues in real-time across any endpoint, regardless of OS or location.

Demo Automox to see how you can immediately gain effortless command of your endpoints.

Dive deeper into this topic