Google Chrome issues emergency update for high-severity zero-day
Source: BleepingComputer
Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high-severity zero-day bug exploited in the wild. The vulnerability known as CVE-2022-1096 is a high severity type confusion weakness in the Chrome V8 JavaScript engine reported by an anonymous security researcher.
The current impacts of the vulnerability have not yet been revealed. Even though Google said it detected attacks exploiting this zero-day in the wild, they did not share technical details or additional info regarding these incidents. Google does not plan to release details until the majority of Chrome users have been updated with the fix.
The vulnerability is presumed to be severe as the emergency update to version 99.0.4844.84 of Chrome is highly unusual in that it addresses just a single security vulnerability.
Ascend Technologies has enforced a patch on all clients with patching services for this Google Chrome update. If your organization does not have patching services, we highly recommend updating Google Chrome as soon as possible.
If you don’t know or are unsure about what version you are running of Chrome, use the following steps: • Open your Chrome browser and locate the “hamburger” menu in the upper right corner • Open the Help section by clicking on the arrow right of the “Help” option • Select “About Google Chrome” • A new tab should open to the Settings configurations for Chrome. There you will see the current version you are running. If you are running any version lower than 99.0.4844.84 you need to update Chrome.