Security News > 2022 > December > Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability

Google Rolls Out New Chrome Browser Update to Patch Yet Another Zero-Day Vulnerability
2022-12-03 04:41

Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser.

The high-severity flaw, tracked as CVE-2022-4262, concerns a type confusion bug in the V8 JavaScript engine.

According to the NIST's National Vulnerability Database, the flaw permits a "Remote attacker to potentially exploit heap corruption via a crafted HTML page."

Google acknowledged active exploitation of the vulnerability but stopped short of sharing additional specifics to prevent further abuse.

CVE-2022-4262 is the fourth actively exploited type confusion flaw that Google has addressed since the start of the year.

It's also the ninth zero-day flaw in Chrome attackers have exploited in the wild in 2022 -.


News URL

https://thehackernews.com/2022/12/google-rolls-out-new-chrome-browser.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-12-02 CVE-2022-4262 Type Confusion vulnerability in Google Chrome
Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
network
low complexity
google CWE-843
8.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 256 4320 4678 741 9995