Urgent: Google Issues Emergency Patch for Chrome Zero-Day

With scant details attached, Google Chrome seeks to shore up yet another exploited zero-day vulnerability.

Dark Reading Staff, Dark Reading

October 28, 2022

1 Min Read
Image of Google Chrome browser displayed on monitor
Source: IB Photography via Alamy Stock Photo

Google Chrome has issued an urgent fix for an actively exploited zero-day bug in its browser. 

This is the seventh Chrome actively exploited zero-day flaw this year, underscoring how big of a target it has become for cyberattacks. 

As users scramble to patch, Google isn't releasing many details about the vulnerability, tracked under CVE-2022-3723, except to note that it's a type confusion bug in V8, which is Google's open source high-performance JavaScript and WebAssembly engine. Type confusion bugs are can lead to out-of-bounds memory access and arbitrary code execution, according to MITRE.

"Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google said in its urgent update. "We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed." 

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights