Google has released Chrome Version 107.0.5304.87 for Mac and Linux and 107.0.5304.87/.88 for Windows to fix a zero-day vulnerability(CVE-2022-3723).

Based on the official site for Chrome updates, “Google is aware of reports that an exploit for CVE-2022-3723 exists in the wild.”.

______________________________

A. Nature of the Vulnerability

CVE-2022-3723

A type-confusion flaw in the Chrome V8 JavaScript engine. 

As of the time of writing, no further information is available regarding this vulnerability.

______________________________

B. Actions to be Taken

CERT-PH encourages all Google Chrome users/administrators to review and apply the updates to mitigate future threats.

  • To manually check for an update, you may do the following steps:
    • Go to Chrome Settings > Help > About Google Chrome
  • Regularly check and apply the latest patch of software, especially to public-facing applications.
  • Proactively monitor and secure identified systems and devices for any suspicious/malicious activities.
  • For additional information, kindly refer to the official advisory:
    • <https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_27.html?m=1>