Google Issues Urgent Chrome Update To Patch Zero-Day Exploited Flaw

Actualización de Google Chrome News

Google on Thursday shipped emergency patches to address two security issues in its Chrome web browser, one of which it says is being actively exploited in the wild.

Tracked as CVE-2022-1364, the tech giant described the high-severity bug as a case of type confusion in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group has been credited with reporting the flaw on April 13, 2022.

As is typically the case with actively exploited zero-day flaws, the company acknowledged it’s “aware that an exploit for CVE-2022-1364 exists in the wild.” To prevent abuse, additional information about the flaw has been withheld as well as the identities of the threat actors.

Google has now fixed three zero-day Chrome vulnerabilities since January. It’s also the second type confusion-related bug in V8 to be squashed in less than a month –

  • CVE-2022-0609 – Use-after-free in Animation
  • CVE-2022-1096 – Type confusion in V8

Users are recommended to update to version 100.0.4896. 127 for Windows, Mac and Linux to thwart potential threats. Chromium browsers like Microsoft Edge, Brave and Opera are advised to use the updates as soon as they become available.

David
Rate author
Hackarizona