Google released a security bulletin disclosing CVE-2022-1096, a Type Confusion vulnerability in V8 that poses a major security threat. Google has released an emergency security update to fix this vulnerability; the corresponding version number is Google Chrome 99.0.4844.84.
The security vulnerability, numbered CVE-2022-0609, was submitted by an anonymous researcher, and the vulnerability was discovered on March 23.
According to Google, “Google is aware that an exploit for CVE-2022-1096 exists in the wild.” At present, it is only known that this vulnerability is a Type Confusion in V8. According to MITRE’s Common Weakness Enumeration, type confusion errors arise when “The program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.”
For security reasons, Google will disclose the full details of the vulnerability only after most users have updated. Vulnerabilities of this kind can often be used to execute arbitrary code or escape the browser’s security sandbox; interested researchers can wait for Google’s subsequent disclosures.
Users of Google Chrome can go to the About page in settings, where they can see the current version number and have Chrome automatically check for the latest version. If the user deployed the online installation package, Chrome can be updated automatically. If the user deployed the offline installation package, the user needs to manually download the new version to upgrade.
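
For administrators who have to check more than one machine, the version comparison described above can be scripted. The following is an added example, not code from Google or from the original page: the inventory contents and host names are constructed, and it assumes that any build numerically lower than 99.0.4844.84 has not received this update.

```python
import re

# Fixed build named on this page.
FIXED = (99, 0, 4844, 84)

# Chrome versions are four dot-separated integers; they may be embedded
# in longer strings such as "Google Chrome 99.0.4844.84".
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return the first four-part version found in text as a tuple of ints, or None."""
    match = _VERSION_RE.search(text or "")
    return tuple(int(part) for part in match.groups()) if match else None


def classify(text, fixed=FIXED):
    """Classify one reported version string against the fixed build."""
    version = parse_version(text)
    if version is None:
        return "unknown"  # no parsable version: needs manual follow-up
    # Tuple comparison is numeric per component, so 4844.9 < 4844.84.
    return "patched" if version >= fixed else "needs-update"


def triage(inventory):
    """Group host names by status; inventory maps host -> reported version string."""
    result = {"patched": [], "needs-update": [], "unknown": []}
    for host, raw in inventory.items():
        result[classify(raw)].append(host)
    for hosts in result.values():
        hosts.sort()
    return result


# Constructed sample inventory (hypothetical hosts and version strings).
SAMPLE = {
    "ws-01": "Google Chrome 99.0.4844.84",
    "ws-02": "99.0.4844.82",
    "ws-03": "Version 100.0.4896.60 (Official Build) (64-bit)",
    "ws-04": "98.0.4758.102",
    "ws-05": "99.0.4844.9",    # string comparison would wrongly rank this above .84
    "ws-06": "not installed",
}

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Hosts reported as `unknown` returned no parsable version and should be checked by hand rather than assumed patched.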