September 21, 2023

Google has patched an out-of-band flaw and actively exploited zero-day flaws in its Chrome web browser.

The flaw tracked as CVE-2022-4262 is a type confusion bug in the V8 JavaScript engine. This could be weaponized by threat actors to perform out-of-bounds memory access or lead to a crash and arbitrary code execution.


Google acknowledged active exploitation of the vulnerability but stopped short of sharing additional specifics to prevent further abuse.

This is the fourth actively exploited type confusion flaw that Google has addressed since the start of the year. It’s also the ninth zero-day flaw in Chrome attackers who have exploited in the wild in 2022

Users are recommended to upgrade to version 108.0.5359.94 for macOS and Linux and 108.0.5359.94/.95 for Windows to mitigate potential threats.

Last week, only Google patched the eighth zeroday bug with regard to heap buffer bug

Leave a Reply

%d bloggers like this: