If you use Google Chrome, you should update your app immediately. Google has confirmed that its browser has a high-risk zero-day vulnerability that hackers are already exploiting. That means that your data and device on which the Chrome browser is installed may remain prone to hacking as long as the new update is not installed. The fact that Google released the new version as an emergency update hints that this security issue in the browser is serious.

Google has rolled out Chrome version 99.0.4844.84 for Windows, Mac, and Linux, urging users to update their browser as soon as possible. In a Chrome Releases Blog Post, Google has explained that this version has just one security update focused on the zero-day exploit CVE-2022-1096, which was first reported by an anonymous researcher earlier this month. As explained by Google, this zero-day vulnerability resides in Chrome's JavaScript engine and exploits are already underway by hackers to inject malicious code into the browser. Google said it will not reveal any more information about this vulnerability until a large chunk of Chrome users have downloaded the fix.

Since the vulnerability exists in the Chromium engine, it also affects the Microsoft Edge browser. Microsoft has confirmed that the vulnerability exists in Edge and that it has already rolled out a fix to ensure protection against any potential exploits. The Microsoft Edge browser running version 99.0.1150.55 or higher is no longer vulnerable to the CVE-2022-1096 vulnerability, but if you have a version lower than this, you need to take this matter with a little seriousness and update your browser.

What is CVE-2022-1096 vulnerability?

While not much is known about this vulnerability, some research papers have hinted that CVE-2022-1096 is a "Type Confusion in V8." This simply refers to the JavaScript engine in Google Chrome and Microsoft Edge, both of which are Chromium-based browsers. Since the anonymous researcher shared details of the vulnerability privately with Google, it is up to Google now when and if it wants to publicise the details. Its current decision not to do that may be based on the assumption that doing so would create panic and people would resort to uninstalling Chrome instead of updating it.

How to update Google Chrome?

It is very simple. Go to the Chrome menu by clicking on the three dots in the top right corner. Now head to Help. Click on "About Google Chrome". Your browser will automatically begin checking for a new update and when it finds one, the download will also start automatically. After the update is downloaded and installed, Chrome will ask you to relaunch the browser for the changes to come into effect. While restarting your system is not a mandatory step in the process, I would recommend you do that.