What Is CVE-2022-3723?
Google rolled out a security fix for a high severity vulnerability in its Chrome browser. CVE-2022-3723 is a type confusion issue in V8 JavaScript engine which was reported by Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast.
Unfortunately, there are reports that an exploit for CVE-2022-3723 exists in the wild. Chrome’s Stable channel has been updated to version 107.0.5304.87 for Mac and Linux and version 107.0.5304.87/.88 for Windows.
“We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel,” Google said.
What Is a Type Confusion Vulnerability?
This type of vulnerability occurs when a program allocates or initializes a resource (a pointer, object, or variable) using one type but accesses the resource via a type incompatible with the original type.
Another example of such a vulnerability that affects Chrome and V8 is CVE-2022-1364 which was reported by Clément Lecigne of Google’s Threat Analysis Group earlier this year. The flaw was rated as high in severity.
To install any update immediately, you can jump to Google Chrome menu, select Help, then About Google Chrome, and apply the update. Also note that your browser will check automatically for new updates and install them the next time you relaunch the browser.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: