Google Chrome fixes one actively exploited zero-day CVE-2022-1096 in its stable channel 99.0.4844.84 update

Google Chrome fixes one actively exploited zero-day CVE-2022-1096 in its stable channel 99.0.4844.84 update

Hello everyone,

 

Chrome stable channel has been updated to 99.0.4844.84 for Windows, macOS, and Linux. This update comes with fixes for 1 actively exploited zero-day vulnerability tracked as CVE-2022-1096. This is a Type confusion vulnerability V8, which is Google's open source high-performance JavaScript and WebAssembly engine, used in Chrome.

 

Google has admitted that it's aware of the vulnerability being exploited in the wild but the technical details of the vulnerability are being withheld to give the 3.2 billion chrome users, the time to deploy the update and secure their networks. The details of the vulnerabilities fixed are as follows:

 

CVE ID

Vulnerability

Severity

CVE-2022-1096

Type confusion in V8

High

 

To install this update on your Windows machines, using Patch Manager Plus, initiate a sync between the Central Patch Repository and the Patch Manager Plus server. Once the sync is complete, search for the following Patch IDs or Bulletin ID and deploy them to your target systems.

 

Patch ID

Bulletin ID

Patch Description

324201

TU-017

Google Chrome (x64) (99.0.4844.84)

324200

TU-017

Google Chrome (99.0.4844.84)

 


Cheers,
The ManageEngine Team