Google releases yet another emergency Chrome security update

By Anthony Spadafora
published

Manually patch now or wait for an update to roll out in the coming weeks, the choice is yours

Google Chrome
(Image credit: Shutterstock)

Following the release of version 100 of its browser (opens in new tab), Google has released a new update for Chrome (opens in new tab) to fix a high-severity zero-day vulnerability that is being actively exploited in the wild.

According to a new security advisory (opens in new tab) put out by the search giant, the company is aware that an exploit exists for this high-severity vulnerability tracked as CVE-2022-1364. 

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab)

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022 (opens in new tab). Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey (opens in new tab) to get the bookazine, worth $10.99/£10.99.

The bug itself is a confusion weakness in the Chrome V8 JavaScript engine (opens in new tab) and while these types of vulnerabilities usually lead to browser crashes after reading or writing memory out of buffer bounds, cybercriminals can also exploit them to execute arbitrary code on vulnerable systems.

The vulnerability was discovered by Clément Lecigne (opens in new tab) from Google’s Threat Analysis Group who immediately reported it to the Google Chrome team. Although Google has observed this zero-day actively being exploited in the wild, the company has been tight lipped regarding any attacks. In its security advisory, it said that details about the bug and links will be “kept restricted until a majority of users are updated with a fix”.

Google Chrome Manual Update

(Image credit: Google)

Manually updating Chrome is your bet bet

Google Chrome 100.0.4896.127 for Windows, Mac and Linux will roll out in the next few weeks as an update.

However, due to the high-severity of this vulnerability, security-conscious users can update Chrome immediately by going into the Chrome menu, heading to Help and clicking on About Google Chrome. Here, they’ll be able to manually install the update themselves as opposed to waiting for Google to roll it out.

Read More

> Google says it stopped North Korea hacking Chrome (opens in new tab)

> Google Chrome's password manager is finally adding this must-have feature (opens in new tab)

> This Google Chrome challenger could be the best browser for private surfing (opens in new tab)

For those that would rather wait though, Chrome will automatically check for new updates and install them the next time you close and relaunch the browser.

This is the third zero-day vulnerability (opens in new tab) that has been discovered and patched in Chrome this year.

Via BleepingComputer (opens in new tab)

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

See more Computing news