/>
X

Chrome and Edge hit with V8 type confusion vulnerability with in-the-wild exploit

Vulnerability hits Google's browser, as well as its Chromium-based brethren.
chrisduckett-mk3.png
Written by Chris Duckett, APAC Editor on
google-chrome.png
Image: slyellow/Shutterstock

Google is urging users on Windows, macOS, and Linux to update Chrome builds to version 99.0.4844.84, following the discovery of a vulnerability that has an exploit in the wild.

Due to the this, the browser maker is being tight lipped on details.

"CVE-2022-1096: Type Confusion in V8. Reported by anonymous on 2022-03-23," was as far as Google would explain the issue.

V8 is Chrome's JavaScript engine -- it is also used server-side in Node.js, but has not yet said it is impacted.

Google added that bug details would be restricted until a majority of users had updated the browser.

"We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven't yet fixed," it said on Friday.

A day later, Microsoft issued its own notice and said the issue was fixed in Edge version 99.0.1150.55 released the same day.

At the start of the month, Google said it was seeing more Chrome zero-day flaws in the wild.

Related Coverage

Related

The 5 best Linux distros for beginners in 2022
Linux Mint 20.2 with Cinnamon

The 5 best Linux distros for beginners in 2022

Linux
Fake domains offer Windows 11 installers - but deliver malware instead
Confused businesswoman annoyed by online problem looking at laptop

Fake domains offer Windows 11 installers - but deliver malware instead

Security
The 5 best secure browsers for privacy in 2022
replace-this-image.jpg

The 5 best secure browsers for privacy in 2022

Services & Software