Google on Thursday rolled out emergency fixes to have an actively exploited zero-working day flaw in its Chrome web browser.
The vulnerability, tracked as CVE-2022-3723, has been described as a sort confusion flaw in the V8 JavaScript motor.
Security scientists Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast have been credited with reporting the flaw on October 25, 2022.
“Google is aware of experiences that an exploit for CVE-2022-3723 exists in the wild,” the internet large acknowledged in an advisory without having into extra details about the nature of the assaults.
CVE-2022-3723 is the third actively exploited variety confusion bug in V8 this year right after CVE-2022-1096 and CVE-2022-1364.
The most recent correct also marks the resolution of the seventh zero-day in Google Chrome because the commence of 2022 –
- CVE-2022-0609 – Use-soon after-cost-free in Animation
- CVE-2022-1096 – Type confusion in V8
- CVE-2022-1364 – Style confusion in V8
- CVE-2022-2294 – Heap buffer overflow in WebRTC
- CVE-2022-2856 – Inadequate validation of untrusted input in Intents
- CVE-2022-3075 – Inadequate info validation in Mojo
Customers are recommended to up grade to version 107..5304.87 for macOS and Linux and 107..5304.87/.88 for Windows to mitigate possible threats.
Customers of Chromium-based browsers this sort of as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to utilize the fixes as and when they turn into accessible.
Identified this article intriguing? Follow THN on Facebook, Twitter and LinkedIn to examine additional unique written content we article.
Some parts of this article are sourced from:
thehackernews.com