Digital world situation similar ambush from all sides. Chrome Releases updates (CVE-2021-30554) – 17th June 2021.

Preface: The new Edge and Chrome are very similar, as both are built on the same Chromium platform. Meanwhile, Microsoft Edge is based on the Chromium open-source project. Furthermore, when chrome has vulnerability occurs, perhaps Microsoft browser (edge) will be get involves.

Background: WebGL enables web content to use an API based on OpenGL ES 2.0 to perform 2D and 3D rendering in an HTML canvas
in browsers that support it without the use of plug-ins.

Vulnerability details: Just days after having issued patches for (14) Google Chrome vulnerabilities, zero day found again. The issue is that cyber criminals can exploit the flaw (Use after free) in WebGL. It is possible to initiate the attack remotely. No form of authentication is needed for exploitation.

Ref 1: Vulnerability found on 15th June, 2021 – Type confusion in V8 in Google Chrome before 91.0.4472.101 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page. The CVE-2021-30551 insect is noted by Google as kind complication in V8,
implying that JavaScript safety can be bypassed for running unapproved code. Google’s V8 open-source JavaScript and WebAssembly engine.

Ref 2: Enable WebGL – In your Chrome URL bar, go to chrome://flags
Ensure that WebGL is enabled, and not disabled (You’ll need to relaunch Chrome for any changes to take effect)

Announcement by Microsoft –

Announcement by Google –

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.