Web browser chrome is in stable version 99.0.4844.84 For Linux, Mac OS And windows published. It contains only one bug fix, with the manufacturer closing a security gap that was reported anonymously on Wednesday of the week. The exploit code for the vulnerability has already been exposed in the wild, the company confirms.
In the release blog, Google developers only list one vulnerability that sealed the new version. As always, they have been reluctant to provide details on user security for some time. Only a brief description states that this is a type of confusion vulnerability.
No details known yet
The program does not properly check the type of the transferred data, which can lead to all kinds of errors due to the lack of type conversions and data structures of different sizes, for example in subsequent copy operations – the conceivable result is buffer overflows, which allow injected malicious code to execute.
vulnerability affects According to Google’s release blog post Chrome’s JavaScript Engine V8 (CVE-2022-1096). chrome developers level that risk as a vulnerability High a. Vulnerability details are missing, but visiting a maliciously manipulated website could potentially be enough to exploit the vulnerability – any website with JavaScript can use it.
The update should be delivered over the next few days and weeks. However, it is advised to check if the bug-fixed version is already installed after clicking on the three-dot menu under “Help” – “About Google Chrome” in the top right menu. If necessary, it starts the download and installation.
To activate the new version, a browser restart is required. Most recently, Google closed a critical security gap in the Chrome web browser about two weeks ago.
(DMK)