Google on Thursday rolled out emergency fixes to include an actively exploited zero-day flaw in its Chrome internet browser.
The vulnerability, tracked as CVE-2022-3723, has been described as a kind confusion flaw within the V8 JavaScript engine.
Security researchers Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast have been credited with reporting the flaw on October 25, 2022.
“Google is conscious of reviews that an exploit for CVE-2022-3723 exists within the wild,” the web big acknowledged in an advisory with out moving into extra specifics concerning the nature of the assaults.
CVE-2022-3723 is the third actively exploited sort confusion bug in V8 this 12 months after CVE-2022-1096 and CVE-2022-1364.
The newest repair additionally marks the decision of the seventh zero-day in Google Chrome because the begin of 2022 –
Users are really useful to improve to model 107.0.5304.87 for macOS and Linux and 107.0.5304.87/.88 for Windows to mitigate potential threats.
Users of Chromium-based browsers similar to Microsoft Edge, Brave, Opera, and Vivaldi are additionally suggested to use the fixes as and once they change into obtainable.