V8 Type Confusion Vulnerability Hits Google Chrome, Microsoft Edge Browser | #microsoft | #hacking | #cybersecurity


A recent in-the-wild exploit has hit Google Chrome and Microsoft Edge browsers anew. 

With that, the search engine giant issued a warning to all users that they should immediately update their builds to the latest version 99.0.4844.84 following this incident.

V8 Type Confusion Inhabits Chrome, Edge Browser

(Photo : Firmbee.com from Unsplash)
Google said that Chrome users should update their browser to the latest build following a recent report regarding the V8 type confusion vulnerability.

ZDNET recently published a security report about the latest exploit that attacked the popular browser. According to the article, Google said that the latest vulnerability called “CVE-2022-1096: Type Confusion in V8” emerged in a report submitted by an anonymous sender last Wednesday, March 23.

Speaking of this exploit, the V8 is considered to be the browser’s engine for JavaScript. Although the company did not go into the full details of its impact, this particular exploit thrives in Node.js server-side.

Following this announcement, the tech titan noted that they would restrict some details regarding this bug in the meantime. It would still take some time before it eases up the report, particularly when many Chrome users started to update their browser version.

“We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed,” the team wrote on its Chrome Releases on Friday, March 25.

On the other hand, Microsoft published a separate notice regarding the V8 Type Confusion vulnerability. The Redmond firm addressed the fix for the Edge version 99.0.1150.55 on Saturday, March 26.

Related Article: Google Chrome Users Beware: 8 ‘High’ Threat Exploits Exposed | Here’s How to Protect Yourself From These Hacks 

How Can Google Avoid Chrome Exploits

It should be noted that over the past months, Google has been bombarded by unexpected exploits which specifically affected its Chrome browser. 

In a previous report from Android Police, the company usually fixed the issues for Chrome 76 for up to 35 days. Recently, it became a much faster cycle for Google to address this problem which now only takes about 18 days on average.

More importantly, the tech giant is reportedly focusing on improving its sandbox. This would help prevent potential JIT (just-in-time) compilation bugs on Javascript.

Google sees some improvement in launching extra checks for a running browser. This is where the “memory safety” bugs will enter. Due to the compiling errors that the browser experiences, the company brought them out.

Usually, the common problems that users face include browser performance decline and huge memory usage. 

Google needs to thoroughly assess the appropriate solution for these issues in order to release an effective outline for potential security developments.

Because the bugs could propagate faster, the company should amp up their effort of suppressing them. Per Chrome Security team’s Adrian Taylor, more exploits come out because some single-bug attacks now require multiple bugs.

In other news, FCC recently labeled Russian cybersecurity firm Kaspersky as a national security threat. Despite this allegation, the security lab will continue to work with the US, per Tech Times.

Read Also: Google Chrome Users Urged To Update After Two New Vulnerabilities In The Browser Were Discovered

This article is owned by Tech Times

Written by Joseph Henry 

ⓒ 2021 TECHTIMES.com All rights reserved. Do not reproduce without permission.



Original Source link

Leave a Reply

Your email address will not be published.

seventeen + = twenty one