If you think you’re experiencing deja vu after reading this headline, you’re not: Google has reported another zero-day vulnerability affecting Chrome, and, by extension, all of its users. Luckily, there’s now a patch: Google issued a security report Thursday, April 14, stating the company had updated Chrome to a new build, 100.0.4896.127, to address this newly discovered flaw.
What’s the latest Google Chrome security vulnerability?
Another Chrome 0day (CVE-2022-1364) in the wild found by @_clem1 . Reported to Chrome yesterday and updated release out now: https://t.co/JIboCmb0yJ— Shane Huntley (@ShaneHuntley) April 14, 2022
Incredibly impressive how fast @googlechrome is getting at rolling out fixes.
Unfortunately for the entire Chrome community, Google confirmed that such an exploit for CVE-2022-1364 exists in the wild. That means someone, somewhere, knows about the flaw and has figured out how to use it against others. When there’s an available exploit for a zero-day vulnerability, it’s imperative for developers to patch it as soon as possible.
Why hasn’t Chrome been patched yet?
Although the patch is finished, Google hasn’t rolled it out for all Chrome users at this time. According to the company, the rollout will occur the next days and weeks, meaning you might not see it for some time. However, because of the severity of the situation, we recommend checking for the update often until it becomes available on your browser.
To check, click the three dots in the top-right corner of your browser window, choose “Help,” then choose “About Google Chrome.” Allow Chrome a moment to look for a new update. If one is available, you’ll see it here. Once the update is installed, Chrome will relaunch, protected against CVE-2022-1364.