ENGLISH Search Menu
Alerts & News Security Alerts Security News

SECURITY ALERTS

A Vulnerability (CVE-2022-1364) Exists in Google Chrome, Microsoft Edge, Brave, Vivaldi and Opera Could Allow for Arbitrary Code Execution

DESCRIPTION:
A Vulnerability (CVE-2022-1364) Exists in Google Chrome, Microsoft Edge, Brave, Vivaldi and Opera which based on Chromium. The vulnerability is related to the V8 JavaScript engine to process JavaScript code. The vulnerability can exploit the V8 engine to treat a JS object as an JS array and run arbitrary code on the targeted system.

 

AFFECTED RELEASES:
Google Chrome prior to 100.0.4896.127
Microsoft Edge prior to 100.0.1185.44
Brave prior to 1.37.116
Vivaldi prior to 52.2623.39

 

SOLUTION:
Upgrade to at least Google Chrome 100.0.4896.127 by following steps:
1. Open the Google Chrome browser.
2. Enter “chrome://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Chrome.
3. After Chrome is updated, click the “RELAUNCH” option to restart Chrome and complete the update.

Upgrade to at least Microsoft Edge 100.0.1185.44 by following steps:
1. Open the Microsoft Edge browser.
2. Enter “edge://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Edge.
3. After Edge is updated, click the “RELAUNCH” option to restart Edge and complete the update.

Upgrade to at least Brave 1.37.116 by following steps:
1. Open the Brave browser.
2. Enter “brave://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Brave.
3. After Brave is updated, click the “RELAUNCH” option to restart Brave and complete the update.

Upgrade to at least Vivaldi 52.2623.39 by following steps:
1. Open the Vivaldi browser.
2. Click Vivaldi menu button > Help > Check for Updates.
3. When an update is available, click on Install Update in the bottom right corner to complete updating Vivaldi.

 

REFERENCE:
1. https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_14.html
2. https://www.ithome.com.tw/news/150434
3. https://www.hkcert.org/security-bulletin/google-chrome-remote-code-execution-vulnerability_20220419
4. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-1364
5. https://github.com/brave/brave-browser/releases/tag/v1.37.116
6. https://vivaldi.com/blog/desktop/minor-update-six-5-2/
7. https://vivaldi.com/blog/desktop/security-fix-vivaldi-browser-snapshot-2649-3/
8. https://www.forbes.com/sites/daveywinder/2022/04/17/emergency-security-update-for-32-billion-google-chrome-users-attacks-underway/?sh=19a2c63836a5
 

 Back To Top