Google has released an emergency update that fixes an exploited zero-day for the Chrome desktop browser. The high-risk vulnerability, numbered CVE-2022-3723, is located in the Chrome V8 Javascript engine and is a type confusion vulnerability. Security researchers at Avast reported the vulnerability to Google. Google did not disclose details of the vulnerability, and it advised users to update to version 107.0.5304.87/88 immediately. It will wait for most users to update before revealing details. This is the 7th 0day fixed by Google this year – the first 6 were CVE-2022-0609 on February 14, CVE-2022-1096 on March 25, CVE-2022-1364 on April 14, CVE-2022-2294 on July 4, CVE-2022-2856 on August 17, and CVE-2022-3075 on September 2.
This article is reprinted from: https://www.solidot.org/story?sid=73206
This site is for inclusion only, and the copyright belongs to the original author.