Chrome Zero-Day Archives - Cyber Security Minute

Google Patches Third Actively Exploited Chrome Zero-Day of 2022

Issued by: Security Week

Tracked as CVE-2022-1364 and considered “high severity,” the exploited security hole is described as a type confusion in the V8 JavaScript and WebAssembly engine. Attacks targeting type confusion bugs in Chrome’s V8 engine may lead to arbitrary code execution. All Chromium-based browsers are impacted. “Google is aware that an exploit for CVE-2022-1364 exists in the…

Vulnerabilities

Google Patches Chrome Zero-Day Used by Commercial Exploit Company

Issued by: Security Week

Ten of the issues were reported by external security researchers: one rated critical severity, seven high severity, and two medium severity. All are patched in Chrome 91.0.4472.101 for Windows, Mac and Linux. The most severe of these is CVE-2021-30544, a critical use-after-free bug that impacts BFCache, a browser optimization meant to enable instant back and…