Google ya ƙirƙiri sabuntawa zuwa Chrome 89.0.4389.90, wanda ke gyara lahani guda biyar, gami da matsalar CVE-2021-21193, wanda maharan suka rigaya suka yi amfani da su a cikin cin gajiyar (0-day). Har yanzu ba a bayyana cikakkun bayanai ba; kawai an san cewa raunin yana faruwa ne ta hanyar samun damar wurin ƙwaƙwalwar ajiya da aka rigaya a cikin injin Blink JavaScript.
An sanya matsalar babban matakin haɗari, amma ba mahimmanci ba, watau. an nuna cewa raunin ba ya ƙyale ƙetare duk matakan kariya na burauza kuma bai isa ya aiwatar da lamba akan tsarin waje da yanayin sandbox ba. Lalacewar da ke cikin Chrome kanta ba ta ƙyale ƙetare yanayin sandbox ba, kuma cikakken harin yana buƙatar amfani da wani rauni a cikin tsarin aiki.
source: budenet.ru