Jump to content
  • Google Chrome emergency update patches 0-day vulnerability


    Karlston

    • 388 views
    • 2 minutes
     Share


    • 388 views
    • 2 minutes

    Google released a Chrome web browser update to address a security issue in the browser that is actively exploited in the wild.

     

    chrome-100-emergency-0-day-update.webp

     

    Chrome 100.0.4896.127 has been released for all supported desktop operating systems -- Windows, Mac and Linux -- to address the issue. The update is being rolled out over time as usual, but Chrome users may speed up the installation in the following way:

     

    • Select Chrome Menu > Help > About Google Chrome, or load chrome://settings/help directly.

     

    The page displays the installed browser version. A check for updates is performed when the page is opened in the browser. Chrome should download and install the update automatically at that point.

     

    Google announced the release on the company's Chrome Releases blog, but did not provide many details on the issue. The vulnerability is listed with a severity rating of high, the second-highest after critical. It is a Type Confusion in V8 issue, Chrome's JavaScript engine. These type of vulnerabilities may lead to the execution of arbitrary code, and it appears that this is the case for the vulnerability that Google disclosed on the blog.

     

    The company notes that it is aware of an exploit that is actively used against the vulnerability:

     

    Google is aware that an exploit for CVE-2022-1364 exists in the wild.

     

    Google did not provide specifics; this is common, as companies that release security patches want updates to be rolled out to the majority of users and devices first. The premature release of information could result in the creation of exploits by other malicious actors.

     

    Google released three zero-day vulnerability updates for its Chrome web browser this year. Other Chromium-based web browsers may also be affected by the issue. Security updates for these web browsers will likely be released soon, provided that the issue affects these browsers as well.

     

    Chrome users may want to upgrade their browser as soon as possible to protect it against attacks that target the 0-day vulnerability. Users who use other Chromium-based browsers may want to check for updates or news regularly to make sure their browsers do get patched as well.

     

     

     

    Google Chrome emergency update patches 0-day vulnerability

     

    Frontpaged:   Google Chrome 100.0.4896.127


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...