Google patches urgent zero-day for Chrome browser

Google recently rolled out urgent fixes to prevent a zero-day vulnerability from being exploited in its Chrome web browser.

According to The Hacker News, the vulnerability, identified as CVE-2022-3723, is described as a type confusion flaw in the V8 JavaScript engine – Google’s open source high-performance JavaScript and WebAssembly engine. This engine is used in the popular Chrome browser and Node.js platform.

Google noted that three security researchers from Avast reported the vulnerability on October 25, 2022.

Google also said that there are reports of CVE-2022-3723 exploits happening, but did not go into details of the attacks. CVE-2022-3723 is the third actively exploited bug this year, following two bugs CVE-2022-1096 and CVE-2022-1364.

The latest fix marks Google Chrome’s seventh zero-day fix since the beginning of 2022. Zero-day is a security industry term for unknown and unknown software and hardware vulnerabilities. be remedied.

Users are advised to upgrade to Google Chrome version 107.0.5304.87 for macOS and Linux, as well as to version 107.0.5304.87/88 for Windows to mitigate threats.

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to use the fixes as they are announced.

Related posts

Be wary of SteelFox malware attacking Windows using a copyright-cracking tool

Lazarus exploits zero-day vulnerability in Chrome to steal cryptocurrency

Detect fake survey emails to install Linux malware on Windows systems