Security News > 2022 > April > Google Releases Urgent Chrome Update to Patch Actively Exploited Zero-Day Flaw
![Google Releases Urgent Chrome Update to Patch Actively Exploited Zero-Day Flaw](/static/build/img/news/google-releases-urgent-chrome-update-to-patch-actively-exploited-zero-day-flaw-medium.jpg)
Google on Thursday shipped emergency patches to address two security issues in its Chrome web browser, one of which it says is being actively exploited in the wild.
Clément Lecigne of Google's Threat Analysis Group has been credited with reporting the flaw on April 13, 2022.
As is typically the case with actively exploited zero-day flaws, the company acknowledged it's "Aware that an exploit for CVE-2022-1364 exists in the wild." Additional details about the flaw and the identity of the threat actors have been withheld to prevent further abuse.
With the latest fix, Google has patched a total of three zero-day vulnerabilities in Chrome since the start of the year.
It's also the second type confusion-related bug in V8 to be squashed in less than a month -.
Users are recommended to update to version 100.0.4896.127 for Windows, Mac and Linux to thwart potential threats.
News URL
https://thehackernews.com/2022/04/google-releases-urgent-chrome-update-to.html
Related news
- Google Chrome emergency update fixes 6th zero-day exploited in 2024 (source)
- Google patches third exploited Chrome zero-day in a week (source)
- Google fixes third actively exploited Chrome zero-day in a week (source)
- Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability (source)
- Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947) (source)
- Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274) (source)
- Google fixes eighth actively exploited Chrome zero-day this year (source)
- Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel (source)
- Apple backports iOS zero-day patch, adds Bluetooth tracker alert (source)
- New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-26 | CVE-2022-1364 | Type Confusion vulnerability in Google Chrome Type confusion in V8 Turbofan in Google Chrome prior to 100.0.4896.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 0.0 |