Google Releases Security Patch for Chromium-Based Browsers
Web browsers, like all software, are vulnerable to hacking and malicious activity. When a new security flaw is discovered, it’s important for the developer to patch it right away. This week, we saw that with Chrome, and other Chromium-based browsers.
On Friday, March 25, Google released an update for Chrome , version 99.0.4844.84. This update was small, according to the release notes, only adding one thing: A patch for a security vulnerability. The flaw, referred to as CVE-2022-1096, is a type confusion vulnerability, where a program runs an incompatible object without verifying it first. While this can result in the software crashing, it can also be exploited by bad actors to run arbitrary code.
Aside from this definition, Google offered little detail about the vulnerability. The company says it does not want this information out in the world until enough users have installed the patch and updated their browsers. That said, according to Google, there have been attacks exploiting this flaw in the wild, so it isn’t a secret to hackers.
The two biggest browsers affected by this flaw are Google Chrome and Microsoft Edge. To install the patch, click the three dots in the top-right corner of your browser window, choose the Help option, then choose “About Google Chrome” or “About Microsoft Edge.” If the update is available, you’ll see it here on this page.