5 December 2022

Google releases emergency security update to fix Chrome zero-day bug


Google releases emergency security update to fix Chrome zero-day bug

Google has released Chrome 108.0.5359.94/.95 for Windows, Mac, and Linux users to fix a zero-day vulnerability exploited in the wild.

The zero-day bug is tracked as CVE-2022-4262 and is described as a type confusion error within the V8 engine in Google Chrome. It can be exploited by a remote hacker to achieve remote code execution on the vulnerable systems. To do this, an attackers needs to trick the victim into visiting a malicious web page.

Google didn’t share any additional details on when, how, and by whom the vulnerability was exploited. The company only said that it “is aware that an exploit for CVE-2022-4262 exists in the wild.”

With the new update the tech giant fixed the ninth Chrome zero-day since the start of 2022.

The previous eight zero-day vulnerabilities patched this year include: CVE-2022-0609 (February 14), CVE-2022-1096 (March 25), CVE-2022-1364 (April 14), CVE-2022-2294 (July 4), CVE-2022-2856 (August 17), CVE-2022-3723 (October 28), CVE-2022-4135 (November 25).

Back to the list

Latest Posts

Free VPN apps on Google Play turned Android devices into residential proxies

Free VPN apps on Google Play turned Android devices into residential proxies

The threat actor behind this scheme profits by selling access to the residential proxy network to third parties.
28 March 2024
Cyber spies strike Indian government and energy sectors

Cyber spies strike Indian government and energy sectors

The operation involved phishing emails delivering the HackBrowserData info-stealer.
28 March 2024
Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

97 zero-day flaws were exploited in-the-wild in 2023, marking an increase of over 50% compared to 2022.
27 March 2024