Select Page

Google on Thursday rolled out emergency fixes to contain an actively exploited zero-day flaw in its Chrome web browser.

The vulnerability, tracked as CVE-2022-3723, has been described as a type confusion flaw in the V8 JavaScript engine.

Security researchers Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast have been credited with reporting the flaw on October 25, 2022.

“Google is aware of reports that an exploit for CVE-2022-3723 exists in the wild,” the internet giant acknowledged in an advisory without getting into more specifics about the nature of the attacks.

CVE-2022-3723 is the third actively exploited type confusion bug in V8 this year after CVE-2022-1096 and CVE-2022-1364.

images from Hacker News