Lucene search

K
hivepro
Hive ProHIVEPRO:573E7326CF205779BA6C4D3AB8DDB736
HistoryApr 17, 2022 - 9:38 p.m.

Google Chrome issues an emergency update to address the third zero-day of year 2022

2022-04-1721:38:48
Hive Pro
www.hivepro.com
34

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A zero-day vulnerability has been discovered in Google Chrome versions prior to 100.0.4896.127. A type of confusion vulnerability tracked as CVE-2022-1364, is said to be exploited in the wild. This vulnerability affects the V8 component, which is used to parse JavaScript code in Google Chrome. A type of confusion refers to code errors in which an app begins data execution processes with a given “type” of input but is deceived into considering the input as a different “type”. The “type confusion” causes logical mistakes in the memory of the software. Successful exploitation of the vulnerability could allow an attacker to execute arbitrary code in the context of the browser. We recommend organizations update to Chrome 100.0.4896.127 for Windows, Mac and Linux to avoid exploitation and mitigate any potential threats. Potential MITRE ATT&CK TTPs are: TA0042: Resource Development T1588: Obtain Capabilities T1588.006: Obtain Capabilities: Vulnerabilities TA0001: Initial Access T1190: Exploit Public-Facing Application Vulnerability Detail Patch Links https://www.google.com/intl/en/chrome/?standalone=1 References https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_14.html

Be first who know about 0-days in popular software

Do not waste time on finding information in tons of articles. Subscribe yourself and your colleagues on news and articles about products you need and you use!

Subscribe on news
Related for HIVEPRO:573E7326CF205779BA6C4D3AB8DDB736