Home Latest Cyber Security News | Network Security Hacking Google Addressed Another Chrome Zero Day Bug Under Attack

Google Addressed Another Chrome Zero Day Bug Under Attack

by Abeerah Hashim
Google Chrome zero-day flaw under attack

Heads up, Chrome users! It’s time to update the Chrome browser on your devices, as Google released a security fix for a zero-day bug. Since the tech giant confirmed the vulnerability to be under attack, users must ensure the update is applied ASAP.

Google Chrome Zero Day Bug

According to the recent Chrome release update, Google has rolled out the Chrome browser for Desktop users. Chrome version 107.0.5304.87 applies to Linux and Mac devices, whereas Windows systems may receive Chrome version 107.0.5304.87/.88 via updates.

As stated in the advisory, the recent Chrome update addresses a high-severity vulnerability in the Chrome browser. Identified as CVE-2022-3723, the vulnerability first caught the attention of Avast researchers, who then reported the matter to Google on October 25, 2022.

Maintaining the usual precautionary practice of not disclosing vulnerability details for zero-day flaws, Google hasn’t described the issue yet. As stated,

Access to bug details and links may be kept restricted until a majority of users are updated with a fix.

Nonetheless, they still mentioned the vulnerability as a type confusion issue in the Chrome V8 JavaScript engine. The tech giant also admitted detecting active exploits of the flaw.

Google is aware of reports that an exploit for CVE-2022-3723 exists in the wild.

It remains unclear how this vulnerability is under attack, the potential threat actors exploiting the flaw, and the relevant victim groups.

However, after receiving the report, Google quickly worked on developing and releasing the patch for the users to prevent damage.

Chrome For Android Also Updated

Alongside the desktop Chrome update, Google has also released a stable Chrome release for Android devices. As mentioned in that advisory, Chrome 107 (107.0.5304.91) for Android also includes the “same security fixes” as the desktop release. That means the vulnerability potentially affected android devices as well. But it might have escaped the threat actors’ attention, thus avoiding becoming a zero-day for Chrome Android.

So now, all Chrome browser users must ensure updating their systems with the respective Chrome release. It’s essential for Android users, given that Chrome comes in as the default browser in almost all Android devices, and Android users seldom use other browsers on their devices.

You may also like