Just two days after Google released version 107 of its Chrome web browser, the developers have again released a bug-fix version. The update fixes exactly one security vulnerability with a high risk rating.
The vulnerability is a type confusion in the JavaScript engine V8 (CVE-2022-3723). The 107 release on Wednesday last week already fixed an identical error. There are no other changes in Google's release notes.
In a type confusion, the program code allocates or initializes a resource such as a pointer, object, or variable with a specific type, but later accesses the resource with an incompatible data type. This can lead to access outside the allocated memory and thus to the execution of injected code.
With the update, Google's developers are upgrading the web browser to new versions. Chrome for Linux and Mac is now up to date with version 107.0.5304.87, on Windows it is versions 107.0.5304.87 and 107.0.5304.88. Version 107.0.5304.91 is available for Google's Android operating system. Google has also pushed the Extended Stable version of Chrome for Mac and Windows to version 106.0.5249.168.
You can find out whether the current Chrome version is already running by clicking on the Chrome settings menu, which is behind the symbol with the three stacked dots to the right of the address bar. At the bottom, go to Help and then to About Google Chrome. The dialog that opens shows the version currently in use and, if available, triggers the download and installation of the update. As usual, Linux users have to start their own distribution software management. Android and iOS users can check for updates in their device's app stores.
Since the JavaScript engine V8 is also used in the Chromium browser, other Chromium-based web browsers such as Microsoft's Edge will probably also be updated shortly. Users should install them quickly because of the potential risk.