If you use Chrome for Mac, you’ll want to be sure it’s updated today: Google has just fixed a vulnerability that was being actively exploited by North Korean hackers …

Google characterizes it as a high-risk flaw.

CNET reports on the background to the attacks, in which security researchers were among the targets.

This update includes 1 security fix. Please see the Chrome Security Page for more information.

[$TBD][1170176] High CVE-2021-21148: Heap buffer overflow in V8. Reported by Mattias Buelens on 2021-01-24

Google is aware of reports that an exploit for CVE-2021-21148 exists in the wild.

While it sounds like this was a targeted state-sponsored attack, once a zero-day exploit is revealed, it is likely to be used by others in more general attacks. Prompt updating is therefore always recommended.

The zero-day, which was assigned the identifier of CVE-2021-21148, was described as a “heap overflow” memory corruption bug in the V8 JavaScript engine.

Google said the bug was exploited in attacks in the wild before a security researcher named Mattias Buelens reported the issue to its engineers on January 24.

Two days after Buelens’ report, Google’s security team published a report about attacks carried out by North Korean hackers against the cyber-security community.

Some of these attacks consisted of luring security researchers to a blog where the attackers exploited browser zero-days to run malware on researchers’ systems.

You can update by going to Chrome > About Google Chrome. There you'll also find an option to switch on automatic updates, which Google recommends.

We can also expect a security update from Apple soon to fix a Sudo bug, which is likewise a heap overflow issue.

The vulnerability, disclosed last week as CVE-2021-3156 (aka Baron Samedit) by security researchers from Qualys, impacts Sudo, an app that allows admins to delegate limited root access to other users. Qualys researchers discovered that they could trigger a “heap overflow” bug in the Sudo app to change the current user’s low-privileged access to root-level commands, granting the attacker access to the whole system.