个人电脑 editors select 和 review products 独立. If you buy through affiliate links, we may earn commissions, which help support our testing. 了解更多.

Google Patches This Year's Second Actively Exploited Chrome Zero-Day

再见,cve - 2022 - 1096.

2022年3月26日
(3alexd /盖蒂图片社)

Google has updated Chrome to address the second actively exploited 零日 vulnerability, which the company has identified as CVE-2022-1096, discovered in the browser this year.

第一个铬 零日 2022年 发现2月. That flaw, CVE-2022-0609, was 后来发现 have been exploited by two state-sponsored North Korean hacking groups looking to compromise numerous targets across various industries within the US.

Now a second actively exploited Chrome 零日 has been discovered. Google hasn't revealed much about the vulnerability at time of writing; the company merely says that it's a High severity type confusion flaw that was found in the V8 open source JavaScript 和 WebAssembly engine.

Other information about the vulnerability—including who reported it, how much they'll earn via Google's bug赏金计划, or how it can be exploited—hasn't been revealed. Google does say that it's "aware that an exploit for CVE-2022-1096 exists in the wild," however.

Google says it's released a patch for CVE-2022-1096 with Chrome version 99.0.4844.84 for 窗户, Mac, 和 Linux 和 that the release will "roll out over the coming days/weeks." But the browser's users can also 手动更新 if they don't want to wait for the automatic update.

比如你正在阅读的内容?

报名参加 安全Watch newsletter for our top privacy 和 security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our 使用条款隐私政策. You may unsubscribe from the newsletters at any time.


谢谢你的报名!

Your subscription has been confirmed. 密切关注你的收件箱!

报名参加 other newsletters

你会喜欢的个人电脑故事

关于纳撒尼尔·莫特

纳撒尼尔·莫特

纳撒尼尔·莫特 is a writer 和 editor who has contributed to 《betway体育》, Tom's Hardware, 和 several other publications in varying capacities since 2011.

Read the latest from 纳撒尼尔·莫特