In order to patch a zero-day vulnerability in the browser, the ninth to be fixed this year, Google on Friday announced an emergency Chrome 108 update. The V8 JavaScript engine in the browser is where the high-severity security flaw, tracked as CVE-2022-4262, is found.
The internet giant states, “Google is aware that an exploit for CVE-2022-4262 exists in the wild.” Clement Lecigne, a security researcher with the Google Threat Analysis Group, discovered the flaw. No bug bounty payment will be made in accordance with Google policy.
Also Read: Key Strategies for Enterprise Cybersecurity in 2023
According to a National Vulnerability Database advisory, the flaw could enable “a remote attacker to potentially exploit heap corruption via a crafted HTML page.” Because a memory block is used by a different algorithm than the one that was intended to consume it, type confusion flaws can occur.
Read More: Google Patches Ninth Chrome Zero-Day of 2022
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.