Google releases updated version of Chrome web browser to offer emergency zero-day solution


It might be time to update your copy of Google Chrome again.

Google has released its third urgent update for Chrome, one that fixes another zero-day vulnerability for its web browser.

The update, which corresponds to version 100.0.4898.127, was released Thursday in the stable update channel for Google Chrome and applies to macOS, Windows and Linux versions of the browser. Google said the update will roll out over the next few days and weeks, though users may want to force the update sooner.

The update includes a pair of security patches, including a “type confusion” vulnerability designated as CVE-2022-1364. The bug was reported by a member of the Google Threat Analysis Group on April 13, and Google quickly released a fix.

The bug in question, once implemented, can either cause a browser to crash or trigger an error, which then has the power to allow the execution of arbitrary code.

The type of bug is similar to an issue Google patched on March 26, which involved another “type confusion” weakness in Chrome’s V8 JavaScript engine. Again, the latest exploit uses the same V8 JavaScript engine vector.

Google said the company “is aware that an exploit for CVE-202201364 exists in the wild,” a factor that helped create a fix quickly. While Google refrained from providing explicit details about the bug, it said it was restricting access to such information until “the majority of users are updated” and therefore protected.

Updating to the new version can be done automatically for the user, although it can be done manually in macOS by selecting “Chrome” from the main menu, followed by “About Google Chrome”. Once the update is downloaded, click “Relaunch”.

If you have tried the updated version of Google Chrome, please let us know your experience in the comments.

Going through AppleInsider and The register


Comments are closed.