Google Chrome for MacOS Gets Another Emergency Zero-day Patch




AppleInsider is supported by its audience and is eligible to earn an Amazon Associate and Affiliate Partner commission on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Google has released its third urgent update for Chrome, which fixes another zero-day vulnerability in the popular desktop web browser.

Released on Thursday, the Stable Channels update for the desktop variant of Google Chrome brings the browser to version 100.0.4898.127, on macOS, Windows, and Linux. According to Google, the update will roll out over the next few days and weeks, but users may want to force the update sooner.

This update includes two security fixes, including a “type confusion” vulnerability designated as CVE-2022-1364. The bug was reported by a member of the Google Threat Analysis Group on April 13, with Google quickly releasing a fix for it. The register.

The bug in question is considered a high-severity zero-day, which is being actively used by attackers. When performed, it may cause a browser to crash or raise an error, which may allow the execution of arbitrary code.

The type of bug is similar to an issue that Google patched on March 26, which involved another “type confusion” weakness in Chrome’s V8 JavaScript engine. Again, the latest exploit uses the same vector as the V8 JavaScript engine.

Google says it’s “aware that an exploit for CVE-202201364 exists in the wild,” a factor that helped create a fix quickly. However, rather than providing explicit details about the bug, Google says it is restricting access to this information until “a majority of users are updated” and therefore protected.

Updating to the new version can be done automatically for the user, although it can be done manually on macOS by selecting “Chrome” from the main menu followed by “About Google Chrome”. Once the update has downloaded, click “Relaunch”.

Leave a Comment