Google has released Chrome 100.0.4896.127 for Windows, Mac, and Linux to address a critical vulnerability that has been actively exploited in hacker attacks.
Tracked as CVE-2022-1364, the flaw is a type confusion issue that exists in V8 engine within Google Chrome. A remote attacker can exploit the vulnerability in order to achieve arbitrary code execution on the target system by tricking a user into visiting a malicious web page.
As usual, Google didn’t share any additional information about attacks the above described flaw was used in. The tech giant only noted that it is “aware that an exploit for CVE-2022-1364 exists in the wild.”
This is the third Chrome zero-day issue Google has addressed since the beginning of the year. Other two bugs were fixed in February (CVE-2022-0609) and March (CVE-2022-1096).