Google fixed third zero-day in Chrome since the start of 2022

Google Chrome 100.0.4896.127 addresses a new high-severity zero-day vulnerability tracked as CVE-2022-1364, actively exploited by threat actors in the wild.

Google has released Chrome 100.0.4896.127 for Windows, Mac, and Linux to address a high-severity zero-day, tracked as CVE-2022-1364, that is actively exploited by threat actors in attacks.

The CVE-2022-1364 zero-day is a type confusion issue that resides in the V8 JavaScript engine that was reported by Clément Lecigne of Google’s Threat Analysis Group on April 13, 2022.

Shane Huntley, Google’s Threat Analysis Group chief, highlighted that the flaw was quicky addressed by the company.

Another Chrome 0day (CVE-2022-1364) in the wild found by @_clem1 . Reported to Chrome yesterday and updated release out now: https://t.co/JIboCmb0yJ

Incredibly impressive how fast @googlechrome is getting at rolling out fixes.

— Shane Huntley (@ShaneHuntley) April 14, 2022

“Google is aware that an exploit for CVE-2022-1364 exists in the wild,” reads the security advisory.

The IT giant did not provide technical details about the attacks, as usual, it plans to keep them restricted to give the time to the users to install the security fix.

This is the third Chome zero-day vulnerability addressed by the company this year, previous bugs fixed by the company are CVE-2022-1096 (Type Confusion in V8 JavaScript engine fixed on March 25) and CVE-2022-0609 (a use after free issue that resides in Animation February fixed on February 14).

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.
To nominate, please visit: 
https://docs.google.com/forms/d/e/1FAIpQLSfxxrxICiMZ9QM9iiPuMQIC-IoM-NpQMOsFZnJXrBQRYJGCOw/viewform  

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, Google Chrome)

The post Google fixed third zero-day in Chrome since the start of 2022 appeared first on Security Affairs.

Recent Posts
Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt