Skip to main content

Google and Microsoft release emergency patches in security update

google search on a laptop
(Image credit: Photo by Firmbee.com from Pexels)

Google and Microsoft have released emergency patches to tackle security vulnerabilities discovered in both the Chrome and Edge web browsers.

The Google Chrome update is a patch for Windows, macOS and Linux versions of the browser in response to zero-day vulnerability, which is being exploited according to the company.

Microsoft has also taken measures to tackle the same vulnerability issue found to be affecting its Edge browser, which uses the Chromium engine. 

Although details released about the problem are limited, Google has suggested the severity level is high but due to vulnerabilities being actively exploited it hasn’t gone into any great detail.

Google’s patch updates will take Chrome to version 99.0.4844.84 on the three operating systems. It follows issues discovered by eagle-eyed researchers who have since been working to tackle the problem.

Related: Best password managers.

Google and Microsoft updates

A blog post from Google fills in some of the details. Google has also been quick to acknowledge help received from those who identified it in the first place:
[$TBD][1309225] High CVE-2022-1096: Type Confusion in V8. Reported by anonymous on 2022-03-23

We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.

Google is aware that an exploit for CVE-2022-1096 exists in the wild. 

Chrome users should update their browser as soon as possible, via the main menu, by selecting Help and then About Google Chrome. This is on top of Google's regular monthly updates.

Meanwhile, anyone using Microsoft’s Edge web browser, which uses the Chromium engine, should consider installing the patch issued by the company. Again, details on specifics are sparse but Microsoft’s Security Response Centre does give hints in a brief summary:

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

Google is aware that an exploit for CVE-2022-1096 exists in the wild.

Anyone using Microsoft Edge is therefore encouraged to open their browser, select Help and Feedback and then About Microsoft Edge in order to complete the update as soon as possible.

Explore the best ID theft companies.

Rob Clymo has been a tech journalist for more years than he can actually remember, having started out in the wacky world of print magazines before discovering the power of the internet. Since he's been all-digital he has run the Innovation channel during a few years at Microsoft as well as turning out regular news, reviews, features and other content for the likes of TechRadar, TechRadar Pro, Tom's Guide, Fit&Well, Gizmodo, Shortlist, Automotive Interiors World, Automotive Testing Technology International, Future of Transportation and Electric & Hybrid Vehicle Technology International. In the rare moments he's not working he's usually out and about on one of numerous e-bikes in his collection.