Security flaw in the Javascript engine: Chrome and Edge need to be updated immediately

Google and Microsoft have urged users to update their browsers to the latest build as soon as possible, now close to versions 100, after the publication of a security report related to the vulnerability called “CVE-2022-1096: Type Confusion in V8”.

The fix for this exploit was distributed with Chrome update 99.0.4844.84 for Windows, Mac, and Linux, Chrome 99.0.4844.88 for Android, and Edge version 99.0.1150.55. By default, updates should take place in automatic mode but it is still advisable to verify that you have received them and, if not, to download and update them manually.

V8 is the engine used by the Chrome and Edge browsers for processing the JavaScript code which is also used on the server side in Node.js. While both companies did not delve into all the details regarding the impact, the exploit was still tagged with a “High” severity level.

“CVE-2022-1096: Type Confusion in V8” refers to a coding bug during which an application initializes data execution operations using input of a specific “type”, but is tricked into treating the input as a different “type”. This leads to logical errors in the application memorywhich can allow an attacker to execute unlimited malicious code within an application.

Leave a Comment