Skip to Content

Latest Chrome 88 Update Includes Important Fix for Zero-Day Vulnerability

by

Google Chrome Material Icon 450x450Google has released Chrome version 88.0.4324.150 with an important fix for a zero-day vulnerability in the web browser that the company says is likely to have been exploited in the wild.

Google hasn't provided specific details about the heap buffer overflow memory corruption bug known as CVE-2021-21148, and says it won't do so "until a majority of users are updated with a fix."

However, ZDNet notes that the date on which Google says the bug was reported, January 24, is just two days after Google's Threat Analysis Group reported a hacking campaign carried out by North Korean hackers against the cyber-security community.

Some of the attacks involved luring security researchers to a blog where the attackers exploited browser zero-days to run malware on the researchers' systems. On January 28, Microsoft also reported that attackers most likely used a Chrome zero-day for their attacks.

The proximity of the two events has led security researchers to suspect that it was indeed the CVE-2021-21148 zero-day that was used in the attacks. As a result, all users are being advised to use the Chrome menu bar's About Google Chrome option to upgrade their browser to the latest version as soon as possible.

Google Chrome for Mac is a free download available directly from Google's servers. Google Chrome for iOS is a free download for iPhone and iPad available on the App Store. [Direct Link]

Tags: Chrome, Exploit, Google, Security

Popular Stories

Apple Event Logo

Apple Released Seven New Products Today

Wednesday March 11, 2026 7:05 am PDT by
Starting today, the seven new Apple products that were announced last week are available at Apple Stores and beginning to arrive to customers. The colorful MacBook Neo and all of the other new products are on display at most Apple Store locations around the world starting today. Apple Stores have inventory of the new products for both walk-in customers and Apple Store pickup, but...
Read Full Article24 comments
iOS 27 Mock Quick

10+ New Features Coming in iOS 27

Friday March 13, 2026 2:13 pm PDT by
We're only three months away from Apple's WWDC 2026 event, which will see the company unveil iOS 27. With the fully revamped version of Siri possibly delayed until September, iOS 27 is shaping up to be the update we wanted iOS 26 to be. There will be new Apple Intelligence features, updates for the iPhone Fold, and more, with the latest rumors summarized below. Foldable iPhone Features...
Read Full Article92 comments
Apple 50 Years of Thinking Different

Apple Announces 50th Anniversary Plans

Thursday March 12, 2026 6:10 am PDT by
Apple today announced that it will celebrate the company's 50th anniversary over the coming weeks, but it has yet to reveal any specific plans. Apple was founded on April 1, 1976, so the company will turn 50 on April 1, 2026. "While Apple is known for looking forward, this milestone offers a special moment to reflect on the journey that has brought the company here, to celebrate the...
Read Full Article92 comments

Top Rated Comments

techpr Avatar
techpr
67 months ago
I stopped using and uninstalled Chrome in 2020. Safari and Firefox for me.
Score: 3 Votes (Like | Disagree)
I
ian87w
67 months ago
Does this zero-day vulnerability only affect Chrome, or does it affect all Chromium based browsers?
Score: 2 Votes (Like | Disagree)
macdos Avatar
macdos
67 months ago
Always these "overflows", there's no end to it, it is just like Flash.

Code in apps and OSs should be rewritten from scratch with something else than C and derivatives, something that doesn't use "pointers", something that is tight from start.
Score: 2 Votes (Like | Disagree)
chucker23n1 Avatar
chucker23n1
67 months ago

What about WebKit based browsers like Safari? Is the exploit something Google added since forking for Chromium, or is it something that was separately fixed already for WebKit?
If the bug is in V8, WebKit won't be affected because WebKit's JS engine was never V8. (Chrome choosing its own JS engine happened long before it forked WebKit to Blink.)

If the bug is outside V8, it is indeed possible that WebKit is affected.
Score: 1 Votes (Like | Disagree)
M
MysticCow
67 months ago

Google hasn't provided specific details about the heap buffer overflow memory corruption bug known as CVE-2021-21148, and says it won't do so "until a majority of users are updated with a fix."
"We have discovered a bug where Apple's tracking option will cause Chrome to crash, so we are trying to disable it!"

Internet irony might be lost on this one.

Curious as to what others uses as a backup browsers to Safari? I'm looking to de-google thus Chrome is out, but need a Chromium browser for the occasional website where Safari doesn't place nice.
Firefox with uMatrix and Facebook Container. It works wonders to clear the tracking gunk.
Score: 1 Votes (Like | Disagree)
luvbug Avatar
luvbug
67 months ago
The Brave browser has already updated the stable release to this latest Chrome build. Just FYI. Edit: "latest Chromium build", which tracks the Chrome build exactly, but excludes the closed-source bits.
Score: 1 Votes (Like | Disagree)
Read All Comments