Google urgently fixes a mysterious zero day vulnerability in Chrome
Software

Google urgently fixes a mysterious zero-day vulnerability in Chrome

Google has released an extraordinary update for Chrome 99.0.4844.84 for Windows, macOS and Linux that fixes a zero-day vulnerability that was exploited by attackers. The company has not yet released any details about this vulnerability and is waiting for browsers to be updated for most users.

    Image source: google.com

Image source: google.com

“Google has been alerted to the existence of an exploit for [уязвимости] CVE-2022-1096″says in it statement companies. Chrome browser update 99.0.4844.84 is already rolling out on the Stable Desktop channel, with the company saying its entire user base will receive it in the next few days or weeks. Updates are automatically checked and installed in the background, but you can speed things up by selecting the “Help” item in the program menu and going to the “About Google Chrome” sub-item, and after installing the latest version, the browser will have to do it again be started.

The fixed vulnerability has been given a number CVE-2022-1096 – It is related to the Chrome V8 JavaScript engine’s lack of object type verification and was reported by an anonymous cybersecurity specialist. Successful exploitation of such bugs allows data to be read or written to memory outside of the buffer, and attackers can execute arbitrary code.

No details about its nature have been disclosed since Google discovered the existence and use of an exploit for this vulnerability. “Access to bug details and links may be limited until most users receive a fix update. We will also comply with the restrictions [в том случае]if the bug exists in a third-party library that also depends on other projects that haven’t been fixed yet”the company announced.

This year, Google released the second fix for a zero-day vulnerability that was exploited by attackers. Previously became known about the error number CVE-2022-0609with which two groups of North Korean hackers, as the company announced, launched a large-scale attack.

.

RELATED TOPICS

About the author

Robbie Elmers

Robbie Elmers is a staff writer for Tech News Space, covering software, applications and services.

Add Comment

Click here to post a comment