This article has been indexed from Softpedia News / Security
According to Kaspersky, on April 14 and 15, 2021, a wave of highly concentrated attacks was tracked using a chain of zero-day exploits in Chrome and Windows.
PuzzleMaker is the name of the attackers. Although not validated, the first exploit in the chain appears to be CVE-2021-21224, a V8 type mixup vulnerability in Chrome prior to 90.0.4430.85.
On April 20, Google released a workaround for the critical flaw that, when exploited, allows remote attackers to execute arbitrary code inside a sandbox via a fake HTML page.
Researchers discovered the exploit in two Windows 10 vulnerabilities, which are zero-day issues fixed in Microsoft’s latest Patch Tuesday update.
CVE…
Read the original article: Windows 10 Targeted With Chrome Zero-day Exploits