Chrome and Microsoft Edge – two web browsers based on Google's Chromium engine – are at risk from a newly discovered vulnerability. Specifically, there is a flaw in V8, the free JavaScript engine within the Chromium Project.
According to Google, there is already an exploit for the vulnerability in the wild. However, the flaw has also gotten a fix on the latest Chrome version. So, the company is telling users across Windows, Linux, and macOS to update to version 99.0.4844.84.
As this is a Chromium issue, it is not exclusive to Chrome and also effects Microsoft Edge. In response to the vulnerability, Microsoft has released version 99.0.1150.55 which has Google's fix built in.
Because there is a live exploit, Google is keeping quiet on the specifics of the flaw:
“CVE-2022-1096: Type Confusion in V8. Reported by anonymous on 2022-03-23,” is all the company has to say on the matter.
Little Information
The company says it will continue to keep details short until a majority of users have patched their browser. If you are unfamiliar with V8, it is a proprietary JavaScript engine that Google uses in Chrome.
“We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven't yet fixed,” it says.
Google admits it has seen more zero-day vulnerabilities in Chrome than normal this year. Even so, it wasn't until mid-February when the first zero-day of the year was recorded in the browser. That was a high-severity flaw that was also already in the wild.
Tip of the day: Do you often experience PC freezes or crashs with Blue Screens of Death (BSOD)? Then you should use Windows Memory Diagnostic to test your computers RAM for any problems that might be caused from damaged memory modules. It is a tool built Microsoft which can be launched at startup to run various memory checks.
