Google on Thursday shipped emergency patches to address two security issues in its Chrome web browser, one of which it says is being actively exploited in the wild.
Tracked as CVE-2022-1364, the tech giant described the high-severity bug as a case of type confusion in the V8 JavaScript engine. Clément Lecigne of Google’s Threat Analysis Group has been credited with reporting the flaw on April 13, 2022.
As is typically the case with actively exploited zero-day flaws, the company acknowledged it’s “aware that an exploit for CVE-2022-1364 exists in the wild.” Additional details about the flaw and the identity of the threat actors have been withheld to prevent further abuse.
With the latest fix, Google has patched a total of three zero-day vulnerabilities in Chrome since the start of the year. It’s also the second type confusion-related bug in V8 to be squashed in less than a month –
- CVE-2022-0609 – Use-after-free in Animation
- CVE-2022-1096 – Type confusion in V8
Read more:https://bit.ly/3Oe8yRm
You can also read this: Google Removes Dangerous Banking Malware From Play Store