Google Chrome 0-Day Vulnerability Exploited in the Wild

December 4, 2022

Google Chrome 0-Day Vulnerability Exploited in the Wild

Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability.

The updated version is 108.0.5359.94/.95 for Windows, Mac, and Linux.

Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually powerful exploits which may result in remote code execution and data loss.

The Vulnerability

  • CVE-2022-4262, High-severity- Type Confusion in Chrome V8 JavaScript engine.

Affected Products

  • Chrome for Desktop prior to version 108.0.5359.94/.95
  • Since the vulnerability affects all unpatched Chromium based browsers, new updates should be monitored in browsers such as Opera, Firefox and Edge.

Mitigation

CYREBRO recommends updating browsers to the latest Chrome version, 108.0.5359.94 for Mac and Linux, and 108.0.5359.94/.95 for Windows.

According to Google, the new version has started rolling out to users in the Stable Desktop channel, and it will reach the entire user base within a matter of days or weeks.

References: Google Advisory

Sign Up for Updates