Google's Chrome web browser received two emergency security patches on Thursday, one of which the company claims is being actively exploited in the wild.
An issue with the V8 JavaScript engine has been identified as CVE-2022-1364 and is being worked on by the tech giant. On April 13, 2022, Clément Lecigne of Google's Threat Analysis Group reported the vulnerability.
The company acknowledged that "an exploit for CVE-2022-1364 exists in the wild," as is typically the case with actively exploited zero-day flaws. More information about the flaw and who is responsible for it has been withheld in order to prevent further exploitation.
Since the start of the year, Google has patched Chrome for a total of three zero-day vulnerabilities. After less than a month, this is the second type of confusion bug in V8 that has been fixed.
- CVE-2022-0609 - Use-after-free in Animation
- CVE-2022-1096 - Type confusion in V8
To avoid vulnerabilities, we urge everyone to use the latest version 100.0.4896.127 for Windows, Mac, and Linux. As soon as the fixes become available for Chrome-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi, they should also be applied.
Post a Comment
Your suggestions and comments are welcome