Chrome zero-day, hot on the heels of Microsoft’s IE zero-day. Patch now!

Microsoft’s Patch Tuesday announcement was bad enough, with six in-the-wild vulnerabilities patched, including one buried in the vestiges of Internet Explorer’s MSHTML web rendering code… …and it’s been followed by Google’s latest Chrome security advisory, which includes a zero-day patch (CVE-2021-30551) to Chrome’s JavaScript engine amongst its 14 officially listed security fixes. Like Mozilla, Google also lumps together other potential bugs it has found using generic bug-hunting techiques, listed as “Various fixes from internal audits, fuzzing and other initiatives.” Fuzzing, in case you aren’t familiar with the concept, is an automated technique that probes for bugs by repeatedly confronting the sofware under test with input that has deliberately been modified to see whether the program chokes on it.

Read full article on Naked Security