This image has an empty alt attribute; its file name is Ncert-Advisory-Template-v2-2.jpg

Google has released Chrome Version 100.0.4896.127 for Windows, Mac, and Linux, to fix 2 security issues, including a known zero-day vulnerability (CVE-2022-1364).

According to Google, they are aware that an exploit for CVE-2022-1364 exists in the wild.

______________________________

A. Nature of Vulnerability

CVE-2022-1364

A high severity type confusion weakness in the Chrome V8 JavaScript engine that could allow threat actors to execute arbitrary code. This vulnerability was discovered and reported by ClĂ©ment Lecigne from Google’s Threat Analysis Group.

______________________________

B. Actions to be Taken

CERT-PH recommends the following actions be taken:

  • Users and administrators are urged to update their Google Chrome version to the latest version.
    • To manually check for an update, you may do the following steps:

Settings > Help > About Google Chrome