Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
thnThe Hacker NewsTHN:E48AEFF468AB8445D91A32B6F5D7A770
HistoryApr 15, 2022 - 3:25 a.m.

Google Releases Urgent Chrome Update to Patch Actively Exploited Zero-Day Flaw

2022-04-1503:25:00
The Hacker News
thehackernews.com
235

0.042 Low

EPSS

Percentile

92.3%

JSON

Google Chrome Update

Google on Thursday shipped emergency patches to address two security issues in its Chrome web browser, one of which it says is being actively exploited in the wild.

Tracked as CVE-2022-1364, the tech giant described the high-severity bug as a case of type confusion in the V8 JavaScript engine. Clรฉment Lecigne of Googleโ€™s Threat Analysis Group has been credited with reporting the flaw on April 13, 2022.

As is typically the case with actively exploited zero-day flaws, the company acknowledged itโ€™s โ€œaware that an exploit for CVE-2022-1364 exists in the wild.โ€ Additional details about the flaw and the identity of the threat actors have been withheld to prevent further abuse.

With the latest fix, Google has patched a total of three zero-day vulnerabilities in Chrome since the start of the year. Itโ€™s also the second type confusion-related bug in V8 to be squashed in less than a month -

Users are recommended to update to version 100.0.4896.127 for Windows, macOS, and Linux to thwart potential threats. Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.

Found this article interesting? Follow THN on Facebook, Twitter ๏‚™ and LinkedIn to read more exclusive content we post.

Related

thn 12
threatpost 5
cve 3
attackerkb 3
redhatcve 1
suse 8
openvas 24
mscve 3
nessus 20
ubuntucve 3
cvelist 3
nvd 3
debian 3
kaspersky 8
veracode 3
chrome 4
freebsd 3
alpinelinux 3
ubuntu 1
mageia 2
osv 7
debiancve 3
fedora 6
gitlab 9
hivepro 5
cnvd 1
ics 2
cisa_kev 3
github 2
malwarebytes 4
avleonov 4
prion 3
qualysblog 2
checkpoint_advisories 1
schneier 1
qt 1
packetstorm 1
securelist 2
trellix 4
googleprojectzero 1
cisa 1
gentoo 2
thn
thn
Update Google Chrome Browser to Patch New Zero-Day Exploit Detected in the Wild
2022-07-05 02:55:00
Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability
2022-03-26 02:11:00
New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild
2022-08-17 12:02:00
threatpost
threatpost
Google Patches Chromeโ€™s Fifth Zero-Day of the Year
2022-08-18 14:31:38
Google Patches Actively Exploited Chrome Bug
2022-07-05 11:54:21
Google Chrome Zero-Day Bugs Exploited Weeks Ahead of Patch
2022-03-25 13:19:59
cve
cve
CVE-2022-1364
2022-07-26 22:15:09
CVE-2022-0609
2022-04-05 00:15:17
CVE-2022-1096
2022-07-23 00:15:08
attackerkb
attackerkb
CVE-2022-1364
2022-07-26 00:00:00
CVE-2022-1096
2022-07-23 00:00:00
CVE-2022-0609
2022-04-05 00:00:00
redhatcve
redhatcve
CVE-2022-1364
2022-05-24 15:33:15
suse
suse
Security update for chromium (important)
2022-04-19 00:00:00
Security update for opera (important)
2022-05-02 00:00:00
Security update for apache2 (important)
2022-03-28 00:00:00
openvas
openvas
Google Chrome Security Update (stable-channel-update-for-desktop_14-2022-04) - Mac OS X
2022-04-19 00:00:00
Google Chrome Security Update (stable-channel-update-for-desktop_14-2022-04) - Linux
2022-04-19 00:00:00
Debian: Security Advisory (DSA-5121-1)
2022-04-20 00:00:00
mscve
mscve
Chromium: CVE-2022-1364: Type Confusion in V8
2022-04-15 07:00:00
Chromium: CVE-2022-0609 Use after free in Animation
2022-02-16 08:00:00
Chromium: CVE-2022-1096 Type Confusion in V8
2022-03-26 07:00:00
nessus
nessus
Debian DSA-5121-1 : chromium - security update
2022-04-19 00:00:00
Google Chrome < 100.0.4896.127 Vulnerability
2022-04-14 00:00:00
Google Chrome < 100.0.4896.127 Vulnerability
2022-04-14 00:00:00
ubuntucve
ubuntucve
CVE-2022-1364
2022-07-26 00:00:00
CVE-2022-1096
2022-07-23 00:00:00
CVE-2022-0609
2022-04-05 00:00:00
cvelist
cvelist
CVE-2022-1364
2022-07-26 21:30:44
CVE-2022-0609
2022-04-04 23:55:32
CVE-2022-1096
2022-07-22 23:35:35
nvd
nvd
CVE-2022-1364
2022-07-26 22:15:09
CVE-2022-1096
2022-07-23 00:15:08
CVE-2022-0609
2022-04-05 00:15:17
debian
debian
[SECURITY] [DSA 5121-1] chromium security update
2022-04-16 18:29:01
[SECURITY] [DSA 5110-1] chromium security update
2022-03-28 07:03:21
[SECURITY] [DSA 5079-1] chromium security update
2022-02-17 22:13:55
kaspersky
kaspersky
KLA12512 DoS vulnerability in Google Chrome
2022-04-14 00:00:00
KLA12492 Type Confusion vulnerability in Microsoft Browser
2022-03-26 00:00:00
KLA12538 DoS vulnerability in Opera
2022-03-29 00:00:00
veracode
veracode
Type Confusion
2022-04-17 09:55:05
Denial Of Service (DoS)
2022-03-29 09:45:40
Use After Free
2022-02-20 05:48:53
chrome
chrome
Stable Channel Update for Desktop
2022-04-14 00:00:00
Chrome for Android Update
2022-04-14 00:00:00
Stable Channel Update for Desktop
2022-03-25 00:00:00
freebsd
freebsd
chromium -- multiple vulnerabilities
2022-04-14 00:00:00
chromium -- V8 type confusion
2022-03-25 00:00:00
chromium -- multiple vulnerabilities
2022-02-14 00:00:00
alpinelinux
alpinelinux
CVE-2022-1364
2022-07-26 22:15:09
CVE-2022-0609
2022-04-05 00:15:17
CVE-2022-1096
2022-07-23 00:15:08
ubuntu
ubuntu
Chromium vulnerability
2022-03-28 00:00:00
mageia
mageia
Updated chromium-browser-stable packages fix security vulnerability
2022-03-28 19:23:37
Updated chromium-browser-stable packages fix security vulnerability
2022-04-18 23:00:03
osv
osv
chromium-browser vulnerability
2022-03-28 12:33:58
chromium - security update
2022-03-28 00:00:00
Use after free in Animation
2022-02-22 21:51:19
debiancve
debiancve
CVE-2022-1096
2022-07-23 00:15:08
CVE-2022-0609
2022-04-05 00:15:17
CVE-2022-1364
2022-07-26 22:15:09
fedora
fedora
[SECURITY] Fedora 34 Update: chromium-99.0.4844.84-1.fc34
2022-04-07 15:15:37
[SECURITY] Fedora 35 Update: chromium-99.0.4844.84-1.fc35
2022-04-07 15:26:48
[SECURITY] Fedora 36 Update: chromium-99.0.4844.84-1.fc36
2022-05-07 04:44:56
gitlab
gitlab
Use after free in Animation
2022-02-22 00:00:00
Use after free in Animation
2022-02-22 00:00:00
Use after free in Animation
2022-02-22 00:00:00
hivepro
hivepro
First zero-day vulnerability of Google Chrome this year actively exploited in wild
2022-02-15 14:31:12
North Korean state-sponsored threat actor Lazarus Group exploiting Chrome Zero-day vulnerability
2022-03-25 14:16:43
Google Chrome issues an emergency update to address the third zero-day of year 2022
2022-04-17 21:38:48
cnvd
cnvd
Google Chrome Animation code execution vulnerability
2022-02-16 00:00:00
ics
ics
Rockwell Products Impacted by Chromium Type Confusion
2022-07-28 12:00:00
Rockwell Automation Connected Components Workbench
2023-09-21 12:00:00
cisa_kev
cisa_kev
Google Chromium V8 Type Confusion Vulnerability
2022-03-28 00:00:00
Google Chromium V8 Type Confusion Vulnerability
2022-04-15 00:00:00
Google Chromium Animation Use-After-Free Vulnerability
2022-02-15 00:00:00
github
github
Use after free in Animation
2022-02-22 21:51:19
The Chromium super (inline cache) type confusion
2022-06-29 18:39:46
malwarebytes
malwarebytes
Zero-day puts a dent in Chrome's mojo
2022-09-05 16:30:00
Update now! Google releases emergency patch for Chrome zero-day used in the wild
2022-03-28 13:42:54
Security vulnerabilities: 5 times that organizations got hacked
2022-06-21 10:04:02
avleonov
avleonov
Vulristics May 2022 Update: CVSS redefinitions and bulk adding Microsoft products from MS CVE data
2022-05-23 20:56:15
Microsoft Patch Tuesday March 2022
2022-03-14 17:33:28
Microsoft Patch Tuesday May 2022: Edge RCE, PetitPotam LSA Spoofing, bad patches
2022-05-26 21:21:57
prion
prion
Type confusion
2022-07-26 22:15:00
Type confusion
2022-07-23 00:15:00
Design/Logic Flaw
2022-04-05 00:15:00
qualysblog
qualysblog
The 9th Google Chrome Zero-Day Threat this Year โ€“ Again Just Before the Weekend
2022-12-03 05:24:27
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00
checkpoint_advisories
checkpoint_advisories
Google Chrome Use After Free (CVE-2022-0609)
2022-03-27 00:00:00
schneier
schneier
Chrome Zero-Day from North Korea
2022-03-31 11:13:50
qt
qt
Security advisory: Recently reported Chromium "Type confusion" issue impacts Qt WebEngine
2022-04-04 00:00:00
packetstorm
packetstorm
Chrome CVE-2022-1096 Incomplete Fix
2022-06-20 00:00:00
securelist
securelist
IT threat evolution in Q2 2022. Non-mobile statistics
2022-08-15 12:00:43
IT threat evolution in Q1 2022. Non-mobile statistics
2022-05-27 08:00:05
trellix
trellix
The Bug Report - March 2022 Edition
2022-04-06 00:00:00
The Bug Report - March 2022 Edition
2022-04-06 00:00:00
The Bug Report - February 2022 Edition
2022-03-02 00:00:00
googleprojectzero
googleprojectzero
2022 0-day In-the-Wild Exploitationโ€ฆso far
2022-06-30 00:00:00
cisa
cisa
CISA Adds Nine Known Exploited Vulnerabilities to Catalog
2022-02-15 00:00:00
gentoo
gentoo
Chromium, Google Chrome: Multiple vulnerabilities
2022-02-20 00:00:00
Chromium, Google Chrome, Microsoft Edge, QtWebEngine: Multiple Vulnerabilities
2022-08-14 00:00:00

0.042 Low

EPSS

Percentile

92.3%

JSON
Related for THN:E48AEFF468AB8445D91A32B6F5D7A770
thn12threatpost5cve3attackerkb3redhatcve1suse8openvas24mscve3nessus20ubuntucve3cvelist3nvd3debian3kaspersky8veracode3chrome4freebsd3alpinelinux3ubuntu1mageia2osv7debiancve3fedora6gitlab9hivepro5cnvd1ics2cisa_kev3github2malwarebytes4avleonov4prion3qualysblog2checkpoint_advisories1schneier1qt1packetstorm1securelist2trellix4googleprojectzero1cisa1gentoo2