Google Chrome Flaw Added to CISA Patch List
CISA gives agencies deadline to patch against Google Chrome bug being actively exploited in the wild.
![CISA logo CISA logo](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt74118f01b207a191/64f153befcc9b95d50a961ad/CISA_logo_GK_Images_Alamy.jpg?width=1280&auto=webp&quality=95&format=jpg&disable=upscale)
Although details about its real-world impact are vague, the Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chrome flaw to its list of Known Exploited Vulnerabilities Catalog.
Google has already released a fixed version of Chrome browser for Windows, Mac, and Linux users. CISA has given government agencies until Dec. 26 to get a patch in place.
Tracked under CVE-2022-4262, CISA described the Google Chrome V8 Engine flaw as a "type confusion vulnerability." Attackers can exploit this kind of vulnerability by using a specially crafted HTML page to corrupt the heap and crashing the browser. Attackers can also exploit type confusion flaws to execute arbitrary code. An exploit for CVE-2022-4262 already exists in the wild, according to Google.
"Specific impacts from exploitation are not available at this time," CISA added.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024