Google releases patch for actively used zero-day leak in V8 engine

Spread the love

Google has released an interim update to fix a serious flaw in its Chrome browser’s JavaScript engine. Google is aware that criminals are already exploiting the vulnerability.

Google reports the appearance of Chrome 100.0.4896.127 for Windows, Mac and Linux. That should happen for users in the coming days and weeks. The most significant change is the patch for vulnerability CVE-2022-1364. This is a type of confusion in V8, Chrome’s JavaScript engine. Type confusion is a commonly used attack method, where abuse is possible if software does not check for certain object types.

The issue was reported by Google’s Threat Analysis Group last week. Google reports that there are exploits circulating on the internet that abuse the vulnerability. This is the third zero-day vulnerability in Chrome this year. In March, Google was also forced to fix a serious security problem with its V8 engine.

You might also like
Exit mobile version