Google Chrome pushed fix for high-severity zero-day bug for MacOS
Google released an update to Chrome on Friday that includes a fix for a high-severity zero-day bug.
This problem which made its way into the browser should now be fixed with the latest software update. The update is now available for macOS, Windows and Linux.
The Chrome team has said there is a new update for the stable channel. It fixes high-severity bugs on all operating systems and is important to install if you are on Chrome version 99.0.4844.84
An issue with CVE-2022-1096 was discovered recently and identified as a "type confusion" weakness in Chrome's V8 JavaScript engine.
The details of how it works are being kept restricted until the main researcher finishes analyzing all possible "regular usage scenarios".
Google has so far refused to share the details of the exploit, despite claims it was being actively used.
The team also insists that they will not release the details of the exploit if bugs in other third party libraries are found to exist, even if these libraries have yet to be fixed.
Type confusion happens when an attacker forces a browser to read and write memory outside of storage bounds. It causes crashes, but can also be exploited by an attacker to run malicious code.