Google Chrome for macOS updated to fix very serious zero-day bug

47653 93045 44117 85757 40793 78797 000 lead Chrome xl xl


AppleInsider is supported by its audience and can earn commissions as an Amazon Associate and Affiliate on qualifying purchases. These affiliate partnerships do not affect our editorial content.

Google released an update to Chrome on Friday that includes a fix for a very serious zero-day bug that made it to the browser, an update now available for macOS.

The Chrome team said Friday that there was a “Stable Channel Update for Desktop” that brings Chrome to version 99.0.4844.84 on macOS, as well as Windows and Linux. The update is important because it fixes a very serious bug in the browser.

The issue, identified as CVE-2022-1096, is a “typing confusion” weakness for Chrome’s V8 JavaScript engine, Bleeping Computer reports. Identified by an anonymous security researcher, details of the bug’s operation are being kept limited until “a majority of users are updated with a fix.”

Google is deliberately hesitant about the details of the exploit, saying it has detected attacks that are actively using it. The team also insists that restrictions on exploit details remain in place if the same bug exists in third-party libraries that other projects rely on, which have yet to be fixed.

Type confusion refers to a bug that can cause a browser to crash as a result of reading and writing memory outside of the buffer boundaries. Not only can the bug cause crashes, but it can also be used by an attacker to execute code.

Google didn’t say when it would reveal details of the vulnerability, but that could depend on how long it takes a sufficient number of users to update their browsers.

The update to the new version is available as an automatic update, but can be performed manually in macOS by selecting “Chrome” from the main menu, followed by “About Google Chrome”. After the update has been downloaded, click on ‘Restart’.

Leave a Reply

Your email address will not be published.