Google Chrome emergency update patches 0-day vulnerability
#1
Exclamation 
Quote:Google released a Chrome web browser update to address a security issue in the browser that is actively exploited in the wild.

[Image: chrome-100-emergency-0-day-update.png]

Chrome 100.0.4896.127 has been released for all supported desktop operating systems -- Windows, Mac and Linux -- to address the issue. The update is being rolled out over time as usual, but Chrome users may speed up the installation in the following way:
  • Select Chrome Menu > Help > About Google Chrome, or load chrome://settings/help directly.
The page displays the installed browser version. A check for updates is performed when the page is opened in the browser. Chrome should download and install the update automatically at that point.

Google announced the release on the company's Chrome Releases blog, but did not provide many details on the issue. The vulnerability is listed with a severity rating of high, the second-highest after critical. It is a Type Confusion in V8 issue, Chrome's JavaScript engine. These type of vulnerabilities may lead to the execution of arbitrary code, and it appears that this is the case for the vulnerability that Google disclosed on the blog.

The company notes that it is aware of an exploit that is actively used against the vulnerability:
 
Quote:Google is aware that an exploit for CVE-2022-1364 exists in the wild.

Google did not provide specifics; this is common, as companies that release security patches want updates to be rolled out to the majority of users and devices first. The premature release of information could result in the creation of exploits by other malicious actors.

Google released three zero-day vulnerability updates for its Chrome web browser this year. Other Chromium-based web browsers may also be affected by the issue. Security updates for these web browsers will likely be released soon, provided that the issue affects these browsers as well.

Chrome users may want to upgrade their browser as soon as possible to protect it against attacks that target the 0-day vulnerability. Users who use other Chromium-based browsers may want to check for updates or news regularly to make sure their browsers do get patched as well.
...
Continue Reading
Reply
#2
Additional Info: https://www.ghacks.net/2022/04/16/vivald...-browsers/
Reply


Forum Jump:


Users browsing this thread: 4 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>