ALERT: Google Releases Immediate Update for Chrome to Fix Actively Exploited Zero-Day Vulnerability

Google released emergency Update for Chrome web browser on Thursday to patch an actively exploited zero-day vulnerability.

The CVE-2022-3723 vulnerability has been identified as a misunderstanding bug in the V8 JavaScript engine.

On October 25, 2022, Avast security researchers Jan Vojtek, Milánek, and Przemek Gmerek are credited with discovering the bug.

Without elaborating on the nature of the bug, Google stated that it was “aware of claims that an exploit for CVE-2022-3723 exists in the wild.”

After CVE-2022-1096 and CVE-2022-1364, CVE-2022-3723 is the third extensively exploited type of confusion flaw in V8 this year.

The most recent patch also resolves Google Chrome’s eighth zero-day vulnerability since the year 2022 began:

• CVE-2022-0609 – Use-after-free in Animation
• CVE-2022-1096 – Type confusion in V8
• CVE-2022-1364 – Type confusion in V8
• CVE-2022-2294 – Heap buffer overflow in WebRTC
• CVE-2022-2856 – Insufficient validation of untrusted input in Intents
• CVE-2022-3075 – Insufficient data validation in Mojo

To reduce possible dangers, users are advised to Update for Chrome version 107.0.5304.87 for macOS and Linux and 107.0.5304.87/.88 for Windows.

As soon as the solutions become available, users of Chromium-based browsers, including Microsoft Edge, Brave, Opera, and Vivaldi, are encouraged to install them.

Sharing is Caring!

You are welcome to put this blog article on your website, provided you also append an active link to our website “Source: https://resources.rhyno.io”

For media enquiries, contact us at [email protected].