Recently Google has fixed a vulnerability detected in its Chrome browser and has warned chrome users about the exploit that exists in the wild for the flaw. This actively exploited flaw (CVE-2021-21166) originated from the Audio component of Google Chrome browser and is one of 47 security fixes that Google introduced in Chrome 89.0.4389.72 along with the patches for eight high-severity flaws.
Google informed that the flaw iniates from an object lifecycle issue. The object lifecycle is the duration for which a programming language object is valid for use, between the time it is created and destroyed. The flaw was reported by Alison Huffman, with the Microsoft Browser Vulnerability Research team, on Feb. 11. Huffman reported another high-severity flaw that Google fixed in Chrome, which also stemmed from an object lifecycle issue in the audio component (CVE-2021-21165).
Google has informed that all these vulnerabilities have been fixed by the tech giant and Chrome will update its newest version automatically. However, security experts have advised Chrome users to cross check if the update is done properly.
