Techno Blender
Digitally Yours.

Google issues emergency Chrome update to patch zero-day exploit

0 67


On Friday, Google began rolling out an emergency stable channel update for the Chrome browser on Windows, Mac, and Linux to patch a zero-day exploit that exists in the wild. If you haven’t done so, check and make sure your browser is updated to at least version 108.0.5359.94 on Mac and Linux and 108.0.5359.94/.95 on Windows.

Ninth zero-day of 2022 hits Chrome

Google’s Prudhvikumar Bommana says on the Chrome Releases blog that CVE-2022-4262 is a high-severity type confusion weakness in Chrome’s V8 JavaScript engine. If that sounds familiar, it’s because it’s the third such bug in Chrome this year.

As we’ve explained before, if the attacker exploits a type confusion vulnerability, it can allow them to execute arbitrary code in the browser. They can also view, edit, or delete data if they have the necessary privileges. We are unsure how attackers exploit this specific bug, though, because Google wants everyone to update Chrome before sharing details.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google explains. “We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.”

This is the ninth Chrome zero-day exploit that Google has patched in 2022. The one before this surfaced on November 25 and involved heap buffer overflow in GPU.

How to update your Chrome browser

Chrome doesn’t always apply the latest updates when you open the browser, so if you want to check and see which version you are running, go to Settings and then About Chrome at the bottom of the menu bar on the left side of the screen.

If you are already running the latest version of the browser, then you are good to go. If not, you should begin the process of updating as soon as possible. Once it finishes downloading, click the Relaunch button to finish updating.


More Google coverage: For more Pixel news, visit our Pixel 7 guide.




On Friday, Google began rolling out an emergency stable channel update for the Chrome browser on Windows, Mac, and Linux to patch a zero-day exploit that exists in the wild. If you haven’t done so, check and make sure your browser is updated to at least version 108.0.5359.94 on Mac and Linux and 108.0.5359.94/.95 on Windows.

Ninth zero-day of 2022 hits Chrome

Google’s Prudhvikumar Bommana says on the Chrome Releases blog that CVE-2022-4262 is a high-severity type confusion weakness in Chrome’s V8 JavaScript engine. If that sounds familiar, it’s because it’s the third such bug in Chrome this year.

As we’ve explained before, if the attacker exploits a type confusion vulnerability, it can allow them to execute arbitrary code in the browser. They can also view, edit, or delete data if they have the necessary privileges. We are unsure how attackers exploit this specific bug, though, because Google wants everyone to update Chrome before sharing details.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google explains. “We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.”

This is the ninth Chrome zero-day exploit that Google has patched in 2022. The one before this surfaced on November 25 and involved heap buffer overflow in GPU.

How to update your Chrome browser

Chrome doesn’t always apply the latest updates when you open the browser, so if you want to check and see which version you are running, go to Settings and then About Chrome at the bottom of the menu bar on the left side of the screen.

If you are already running the latest version of the browser, then you are good to go. If not, you should begin the process of updating as soon as possible. Once it finishes downloading, click the Relaunch button to finish updating.


More Google coverage: For more Pixel news, visit our Pixel 7 guide.

FOLLOW US ON GOOGLE NEWS

Read original article here

Denial of responsibility! Techno Blender is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.

Leave a comment