Google releases yet another emergency Chrome security update

Following the release of version 100 of its browser, Google released a new update for Chrome to fix a high-severity zero-day vulnerability that is being actively exploited in the wild.

According to a new security advisory released by the search giant, the company is aware that there is an exploit for this high-severity vulnerability identified as CVE-2022-1364.

The bug itself is a confusing weakness in the Chrome V8 JavaScript engine and while these types of vulnerabilities typically cause browser crashes after reading or writing memory out of buffer bounds, cybercriminals can also cause them to crash. exploit to execute arbitrary code on vulnerable systems.

The vulnerability was discovered by Clement Lecigne from the Google threat analysis group who immediately reported it to the Google Chrome team. Although Google observed that this zero-day was actively exploited in the wild, the company was mum on any attack. In its security advisory, it said the bug details and links will be “kept restricted until a majority of users are updated with a fix.”

Manual update of Google Chrome

(Image credit: Google)

Manually updating Chrome is your bet

Google Chrome 100.0.4896.127 for Windows, Mac, and Linux will be rolling out in the coming weeks as an update.

However, due to the high severity of this vulnerability, security-conscious users can update Chrome immediately by going to the Chrome menu, heading To help and clicking on About Google Chrome. Here they can manually install the update themselves instead of waiting for Google to roll it out.

See also  24 years ago, Steve Jobs made tech sexy again

For those who prefer to wait, Chrome will automatically check for new updates and install them the next time you close and relaunch the browser.

This is the third zero-day vulnerability discovered and patched in Chrome this year.

Via BleepingComputer

Leave a Comment