The researcher disclosed this vulnerability on September 24th and wished to remain anonymous. The second zero-day, tracked as CVE-2021-37975, is a High severity user after free bug in the Chrome V8 JavaScript engine. This vulnerability was discovered by Clément Lecigne from Google TAG, with technical assistance from Sergei Glazunov and Mark Brand from Google Project Zero, on September 21st, 2021. The first zero-day, tracked as CVE-2021-37976, is described as an 'Information leak in core' and was assigned a Medium severity level.
While this Chrome release includes fixes for four security vulnerabilities, the two zero-days are concerning as they are known to have been exploited in the wild. Google Chrome will also check for available updates and install them the next time you launch the web browser.
