Type Confusion Vulnerability in Chrome V8 Javascript

In late March, Google released a security update for a new and actively-exploited vulnerability in the Chrome V8 Javascript engine, CVE-2022-1096.

Researchers have been credited with identifying the type of confusion vulnerability that, according to MITRE, “can lead to out-of-bounds memory access” in languages without memory protection. These include languages like C and C++. MITRE continues to explain that type confusion vulnerabilities occur when “the program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type.”

Google stated in the security update that they’re aware of exploit(s) in the wild. This is a zero-day vulnerability, with version 99.0.4844.84 for Windows, Mac, and Linux, which will roll out in the coming days/weeks. Chromium-based browsers* should also be updated when patches become available.

A popular target

Chrome has become a popular target for attackers. It’s the most-used browser worldwide and eclipsed over 3 billion users in mid-2021. V8, the open-source Google JavaScript engine that powers both Chrome and other Chromium-based browsers* is an especially attractive target for attackers.

Vulnerabilities in the V8 engine allow for powerful and reliable exploits, often via memory. In an interview with ZDNet in August, Google Project Zero team member Samuel Groß highlighted that most modern security technologies, like hardware-based mitigation, may often be bypassed by V8 vulnerabilities.

Between the wide adoption of Chrome and Chromium-based browsers and the technical details that make the V8 engine within these browsers a reliable attack vector, we’re likely to continue to see Chrome be a popular target for threat actors.

Recommended remediation for Type Confusion Vulnerability in Chrome V8 Javascript

You can always fix vulnerabilities fast with Automox by using a “patch all” policy for every OS in your environment (which will also patch every third-party software we support).

Patch all policies ensure you fix vulnerabilities fast in the most common and highest risk applications. Use the device targeting feature to customize your policies so they are highly effective.

We recommend you set up these policies on a recurring schedule as patches have not yet been released – doing so will ensure you deploy updates as soon as they’re available. If you haven’t already, you can automate Chrome patching here.

*Chromium-based browsers include:

• Amazon Silk

• Brave

• Microsoft Edge

• Opera

Many browsers use Chrome’s open-source Chromium codebase. Be sure to check if the browser you use is Chromium-based.