Chrome, Edge getting security patch to fix critical flaw
Google has issued an update for the Chrome browser to patch a key security vulnerability. The latest update is not an unusual practice from Google, but what’s notable is that the security patch in question is the only feature that’s part of the latest update — underlining the importance of the update. A similar update is being rolled out by Microsoft for its own Chromium-based Edge browser as well.
The update in question seeks to patch what has been reported as a high security zero-day vulnerability, bearing Common Vulnerabilities and Exposures (CVE) ID 2022-1096. Not a lot has been revealed about exactly what this exploit brings to the table, except for a single line description stating that the flaw refers to a ‘type confusion in V8’. The latter refers to the JavaScript engine that the Chromium browser employs, therefore underlining where the flaw in the browser lay.
CVEs are typically generated when a cyber security flaw is detected and logged, helping companies and users worldwide to keep a track of the issue around the world. Such vulnerabilities are revealed on a near regular basis, helping users also understand which security issues have been patched.
Some of these issues also include zero-day vulnerabilities, which are security glitches that have till date not been revealed or discovered.
Users are recommended to look for updates that are being pushed automatically by both Chrome and Edge. If the automatic update has not been released yet, users can go to settings and check for updates manually to get the patch. Given that it is not clear as to what this exploit contains, it is likely that the flaw is sensitive and is also being used by hackers around the world, which makes it important to be applied, soon.
Chrome users running browser version 99.0.4484.84, and Edge version 99.0.1150.55 and newer, will be patched from CVE-2022-1096, and would therefore qualify as being immune from the exploit.