Search giant Google on Friday released an out-of-band security update to fix a new, actively exploited zero-day vulnerability in its Chrome web browser.

High severity defects tracked as CVE-2022-4262is about a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group (TAG) reported this issue on November 29, 2022.

Type confusion vulnerabilities can be weaponized by threat actors to perform out-of-bounds memory accesses, leading to crashes or arbitrary code execution.

According to NIST’s National Vulnerability Database, the flaw is To give permission “A remote attacker exploiting heap corruption via a crafted HTML page.”

cyber security

Google acknowledged that this vulnerability was being actively exploited, but declined to share additional details to prevent further exploitation.

CVE-2022-4262 is the fourth actively exploited type confusion flaw Google has addressed earlier this year. This is also his ninth zero-day vulnerability that Chrome attackers exploited in 2022.

We recommend upgrading to version 108.0.5359.94 for macOS and Linux and 108.0.5359.94/.95 for Windows to mitigate potential threats.

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also encouraged to apply the fix as it becomes available.

Did you find this article interesting?Please follow us twitter When LinkedIn To read more exclusive content that we post.



Register now for our membership to gain access to our elite training program and fast forward your career today!


Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ©️ All rights reserved. | Blue Training Academy Blog