Google and Microsoft are urging organizations to deploy a patch to address a newly discovered zero-day vulnerability in Chrome.
Beyond its description as a “Type Confusion in V8” and the fact that an exploit for it exists in the wild, details about this particular vulnerability are scarce.
Google says the Chrome update 99.0.4844.84 for Windows, Mac and Linux, which fixes this vulnerability, will roll out over the coming days/weeks.
Details about the bug are being kept under wraps until a majority of users have been able to apply the patch. However, previous Type Confusion in V8 bugs in Chrome allowed for remote code execution and other malicious activities.
The bug, CVE-2022-1096, is being called a “Type Confusion in V8,” which refers to the JavaScript engine used by Chrome.
Microsoft also confirms that the issue affects certain versions of the Chromium-based Microsoft Edge. However, the latest version of Microsoft Edge is no longer vulnerable to this exploit, according to the company.
This vulnerability is the only one listed in the March 25 Chrome update advisory.
The security warning and update come just weeks after Google addressed the increasing number of zero-day vulnerabilities in Chrome, claiming that vendor transparency, evolving attack techniques, the increased use of security bugs in attacks and the growing complexity of software are all leading to the increase.
Google said it was taking several steps to address the rise of zero days in Chrome, including strengthening site isolation, preventing attackers from using JavaScript just-in-time compilation bugs, preventing exploitability of use-after-free bugs and more. However, those are long-term projects with engineering challenges.
The company also advises IT professionals to keep auto-update on and familiarize themselves with the added enterprise policies and controls that can be applied to Chrome within the organization.
If auto-update isn’t on, users should patch the browser manually by navigating to the three dots at the top right of the browser, and selecting “Help,” then “About” to see what version of Chrome is installed and to apply the update if it hasn’t already been applied.