On February 10, Google discovered a remote code execution vulnerability that was exploited as early as January 5. Google isn’t dealing with the first zero-day exploit of 2022 Cyberattacks are likely to ramp up until all the browsers have been updated. Security patches have been rolling out for Chrome, Microsoft Edge, and other affected browsers and developers are expecting users to update within the next few weeks. Attackers can exploit the type vulnerability to view or change data. It means Chrome, Microsoft Edge, Vivaldi, Opera, Brave and other browsers that run on the Chromium codebase are vulnerable. This can result in logical errors, out-of-bounds memory access, and browser crashes. The flaw causes the program to assign a variable or an object using a certain type and then access it using a different type that is incompatible. What Is CVE-2022-1364 and How Serious Is It?ĬVE-2022-1364 is a type confusion vulnerability inside Chrome V8, which is the JavaScript engine for all Chromium-based web browsers. The company urges all Chrome and Chromium users to update their browser as soon as possible. The company announced on April 13 that “Google is aware that an exploit for CVE-2022-1364 exists in the wild” and released a stable security update on April 15.Īttackers have been exploiting the flaw labeled as CVE-2022-1364 and Google is yet to establish the full repercussions of this security breach. Google released a third security update this year to patch a major vulnerability in the Chrome browser.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |