Google has released Chrome update 100.0.4896.127 for Windows, Mac and Linux, which fixes a serious vulnerability (CVE-2022-1364) already used by attackers to perform attacks (0-day). Details have not yet been disclosed, it is only known that the 0-day vulnerability is caused by incorrect type handling (Type Confusion) in the Blink JavaScript engine, which allows processing an object with an incorrect type, which, for example, makes it possible to form a 64-bit pointer based on a combination of two different 32-bit values ββto provide access to the entire process address space. Users are advised not to wait for the automatic delivery of the update, but to check for its availability and initiate the installation via the Chrome > Help > About Google Chrome menu.
Source: opennet.ru