Google Chrome Urgent Security Update to Patch the Actively Exploited Zero-Day Flaw

Google recently released a new version of Chrome (Chrome 99.0.4844.84) to fix a zero-day vulnerability (CVE-2022-1096) that has been actively exploited in the wild. 

This new version of Chrome is available for all the major following platforms and claimed that during the next few days/weeks, they will be rolling out new features:-

  • Windows
  • Mac
  • Linux

Zero-Day Flaw

The CVE-2022-1096 is a zero-day flaw that was reported by an anonymous user on 2022-03-23. It is a type of confusion bug in the V8 JavaScript engine. 

When exploited successfully by reading or writing memory outside of the buffer limit, type confusion flaws usually result in browser crashes, however, an attacker can also execute arbitrary code with them.

During a type confusion event, an incompatible type is used to access a resource, and as a result of this vulnerability, the ability exists for a malicious actor to perform out-of-bounds memory access in languages that do not support memory safety like C and C++.

Apart from this, the company did not divulge any technical details or additional information about the incidents it detected exploiting this zero-day vulnerability, although it claimed to have discovered attacks that took advantage of the vulnerability.

It should be possible for Google Chrome users to upgrade the browser and prevent exploitation attempts until more information is released by the browser vendor.

As of February 14, 2022, Google had patched the use-after-free vulnerability in the Animation component from CVE-2022-0609, the first zero-day vulnerability addressed by the company this year.

While the CVE-2022-1096 is the second zero-day vulnerability, a type confusion vulnerability in the V8 JavaScript engine that is addressed by Google recently this year.

Update your Chrome

To update your Google Chrome to the new version you have to follow the simple steps that we have mentioned below:-

  • First of all, you have to go to the Chrome menu.
  • Then select the Help option.
  • After that, you have to select the About Google Chrome option.

Moreover, the web browser will automatically check for and install new updates upon the next launch. In order to prevent any potential threats, Chrome users should update to version 99.0.4844.84 immediately.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.