Google Chrome has issued an pressing repair for an actively exploited zero-day bug in its browser.
This is the seventh Chrome actively exploited zero-day flaw this 12 months, underscoring how huge of a goal it has develop into for cyberattacks.
As customers scramble to patch, Google is not releasing many particulars in regards to the vulnerability, tracked underneath CVE-2022-3723, besides to notice that it is a sort confusion bug in V8, which is Google’s open supply high-performance JavaScript and WebAssembly engine. Type confusion bugs are can result in out-of-bounds reminiscence entry and arbitrary code execution, in line with MITRE.
“Access to bug particulars and hyperlinks could also be saved restricted till a majority of customers are up to date with a repair,” Google mentioned in its pressing replace. “We can even retain restrictions if the bug exists in a 3rd celebration library that different tasks equally rely on, however haven’t but mounted.”