Home » Technology » Emergency update: Chrome actively fixes exploited vulnerability

Emergency update: Chrome actively fixes exploited vulnerability

There is a new security update for Google Chrome. The new update is recommended for all users as it fixes a vulnerability that has been identified as high risk and is being actively exploited. The update is already available in the WinFuture download area.

Google has released Chrome version 99.0.4844.84 for Windows, Mac, and Linux. According to the description, it is an emergency update that fixes a very dangerous zero-day vulnerability that is already being exploited in the wild: “Google is aware that an exploit for CVE-2022-1096 exists in the wild.” in the newly published security advisory.

Apply updates asap

The new version 99.0.4844.84 is already being rolled out worldwide in the stable desktop channel. If you’re using Chrome, you can also force the update by checking for updates through your browser settings (Chrome menu > Help > About Google Chrome > Updates). The web browser also automatically checks for new updates and installs them if possible after the next startup or indicates an available update. The fixed zero-day bug is a serious type of confusion vulnerability in the Chrome V8 JavaScript engine reported by an anonymous security researcher. While typing confusion errors generally cause browser crashes when successfully exploited by reading or writing memory outside the buffer boundaries, attackers can also exploit them to execute arbitrary code.

Details of use unknown

Because Google claims to have already discovered active attacks on this vulnerability, no further technical details or additional information about the exploit has been released. “Access to error details and links will be limited until a majority of users have received an update,” Google said. This is standard practice to avoid attracting free-riders who want to exploit the vulnerability after it has been discovered. “We will also maintain restrictions when the bug exists in a third-party library that other projects depend on in a similar way, but has not yet been fixed.” This includes the Microsoft Edge web browser.

Ron Harold

It has been a long time since I joined Research Snipers. Though I have been working as a part-time tech-news writer, it feels good to be part of the team. Besides that, I am building a finance-based blog, working as a freelance content writer/blogger, and a video editor.

Leave a Reply