SECURITY ALERTS

A Vulnerability (CVE-2022-3723) Exists in Google Chrome, Microsoft Edge, Brave, and Vivaldi Could Allow for Arbitrary Code Execution

DESCRIPTION:
A Vulnerability (CVE-2022-3075) Exists in Google Chrome, Microsoft Edge, Brave, and Vivaldi which are based on Chromium. The vulnerability is a type confusion bug in the Chrome V8 Javascript engine. A remote attacker can execute arbitrary code on the system.

 

AFFECTED RELEASES:
Google Chrome prior to 107.0.5304.87
Microsoft Edge prior to 107.0.1418.26
Brave prior to 1.45.116
Vivaldi prior to 5.5.2805.42

 

SOLUTION:
Upgrade to at least Google Chrome 107.0.5304.87 by following steps:
1. Open the Google Chrome browser.
2. Enter “chrome://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Chrome.
3. After Chrome is updated, click the “RELAUNCH” option to restart Chrome and complete the update.

Upgrade to at least Microsoft Edge 107.0.1418.26 by following steps:
1. Open the Microsoft Edge browser.
2. Enter “edge://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Edge.
3. After Edge is updated, click the “RELAUNCH” option to restart Edge and complete the update.

Upgrade to at least Brave 1.45.116 by following steps:
1. Open the Brave browser.
2. Enter “brave://settings/help” in the address bar. The window that appears will automatically check for updates and show you the current version of Brave.
3. After Brave is updated, click the “RELAUNCH” option to restart Brave and complete the update.

Upgrade to at least Vivaldi 5.5.2805.42 by following steps:
1. Open the Vivaldi browser.
2. Click Vivaldi menu button > Help > Check for Updates.
3. When an update is available, click on Install Update in the bottom right corner to complete updating Vivaldi.

 

REFERENCE:
1. https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_27.html
2. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3723
3. https://3c.ltn.com.tw/news/51336
4. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-3723
5. https://github.com/brave/brave-browser/releases/tag/v1.45.116
6. https://vivaldi.com/blog/desktop/minor-update-three-5-5/

Back To Top