Google recently released three emergency security updates for the Chrome browser. The latest update patches a high-severity zero-day vulnerability that Google claims is already being exploited by attackers. Chrome’s 3.2 billion users are encouraged to implement the patch as soon as possible to mitigate the risk of attack. The third update is to be rushed out in three weeks whereas the first has already been released and patches another zero-day vulnerability also under attack. The vulnerabilities bear many similarities.
The latest disclosed bug, tracked as CVE-2022-1364, is a Type Confusion in V8 flaw, meaning that it impacts the JavaScript engine that is employed by Chromium-powered browsers. This includes Chrome, Microsoft Edge, Brave, and others. Google has not released any technical details, much like before, to avoid the risk that attackers will use the information to their advantage. The update states that Google will retain restriction, suggesting that the vulnerability is particularly serious.
Read More: Emergency Security Update For 3.2 Billion Google Chrome Users