Issued: Monday, 31 October, 2022 |
Last Revision: Monday, 31 October, 2022 |
Vendor: |
Product: |
Severity Level: |
Google has released emergency update to fix the actively exploited zero-day vulnerability in its Chrome web browser. The exploited vulnerability is tracked as CVE-2022-3723 and described as a type confusion flaw in the V8 JavaScript engine.
On the successful exploitation of the vulnerability, attacker can execute arbitrary code, install programs, view, change, or delete data; with other malicious activities.
| CVE/Vulnerability | Description | Severity | Exploitable |
| |
| CVE-2022-3723 | Type confusion flaw in the V8 JavaScript engine | Critical | Yes |
| |
Table 1: Vulnerability details
| CVE/Vulnerability | Product(s) Detail |
| |
| CVE-2022-3723 | Google Chrome versions prior to 107.0.5304.87/.88 (Windows) Google Chrome versions prior to 107.0.5304.87 (Mac and Linux) |
| |
Table 2: Vulnerable versions
All entities should update to the version 107.0.5304.87 for macOS /Linux and 107.0.5304.87/.88 for Window, respectively.