One of the two security vulnerabilities identified in the Google Chrome web browser was reportedly being actively exploited in the wild.
On Thursday, Google released emergency fixes for the Chrome browser to address two security vulnerabilities. The newly released Google Chrome stable model 100..4896.127 is available for Home Windows, Linux, and macOS. The update was released with several improvements and bug fixes to ensure the browser was safe.
The most significant development is that the updated Chrome addressed the critical zero-day flaw tracked as CVE-2022-1096 that was being actively exploited in the wild. More details about the flaw will be disclosed after a vast majority of the users have access to the update.
Details of the Flaw
Google described CVE-2022-1364 as a high-severity bug that emerged from type confusion in the V8 JavaScript engine. Google’s Threat Analysis Group’s Clément Lecigne reported this flaw on April 13, 2022. As is generally noted with actively exploited zero-days, an exploit for this flaw already exists in the wild. Hence, the tech giant withheld many details of the flaw to prevent further abuse.
With Chrome’s latest update, Google fixed three zero-day flaws since the beginning of 2022, while the latest is the second Type Confusion bug in V8 addressed within a month. The previously fixed zero-day flaws include CVE-2022-0609 and CVE-2022-1096.
Stay Safe- Update to the New Version
Given the serious nature of the identified zero-day flaw, users are suggested to immediately update to Chrome version100.0.4896.127 for Windows, Mac, and Linux to avoid potential threats.
Moreover, those using Chromium-based browsers like Opera, Brave, Microsoft Edge, and Vivaldi should also apply fixes as soon as they are released. The update is available for download on Google’s official Chrome web page, and those using an older version of Chrome put in will receive the update soon.
However, if you don’t want to wait, open Chrome and click the three-dot menu at the top side. Now click Support and About Google Chrome. Chrome will automatically look for updates, and if it is available, they will be downloaded. Restart the computer to complete installation.
More Chrome News on Hackread.com
- Chrome on Android will alert, fix your compromised password
- New malware lures fake Chrome update to attack Windows PCs
- Ad-blocker Chrome extension AllBlock injected ads in Google searches
- Researcher release PoC exploit for 0-day in Chrome, Edge, Brave, Opera
- Urgent Chrome security update released to patch widely exploited 0-day
Credit: Source link