A zero-day vulnerability (CVE-2022-1096) has been reported in Google Chrome, which could allow a remote attacker to execute arbitrary code on the targeted system. If you are a Google Chrome user, you should pay attention to it and take immediate action as suggested by Google.
As the bug is within the Chromium engine, all browsers powered by Chromium (Google Chrome, Microsoft Edge, Mozilla Firefox) will be affected due to this vulnerability.
The zero-day vulnerability bug was first reported by an anonymous user on March 23, 2022. When this is exploited on your system can result in browser crashes and result in the execution of an arbitrary code by the attacker. A vulnerability has been reported in Google Chrome, which could allow a remote attacker to execute arbitrary code on the targeted system
, says CERT-In (Computer Emergency Response Team - India) in its advisory bulletin.
This vulnerability exists in Google Chrome due to a type confusion error within the V8 JavaScript engine component in Google Chrome. A remote attacker could exploit this vulnerability by sending a specially crafted webpage, trigger type confusion error and execute arbitrary code on the targeted system. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code and take control of the targeted system
, explained by CERT-In.
Google didn't reveal any details about this bug, but the company said that Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed
.
Google Chrome users should immediately update their system to browser version 99.0.4844.84. To update your Google Chrome, open the browser on your system, tap the three dots on the top-right corner of the browser window and click on the Settings menu item. Navigate to the "About Chrome" screen. It will immediately start updating your Google Chrome browser to the latest version.
The Microsoft Edge users on the stable release channel will get the fix on the browser version 99.0.1150.55. To update your Microsoft Edge, open the browser on your system, tap the three dots on the top-right corner of the browser window and click on the Help and feedback > About Microsoft Edge to trigger your browser to automatically update to the latest version available.