Major updates to Google’s Chrome and Microsoft Edge browsers are generally released every four weeks, but minor patches to fix bugs, performance issues, and security vulnerabilities are also occasionally released.
Recently, both Edge and Chrome browsers received an emergency patch to fix a security flaw in Chromium. The vulnerability is tagged as CVE-2022-1096, and so far there have been few public disclosures about the vulnerability. The Microsoft Security Response Center (MSRC) simply describes it as Type Confusion in V8.
V8 is the JavaScript engine used in Chromium, and Microsoft further emphasizes that the vulnerability is being widely exploited. Patched in Edge 99.0.1150.55 release. Users can click the three-dot button in the upper right corner of the Edge browser and navigate to Help & Feedback > About Microsoft Edge to get the update manually.
The vulnerability was reported by an unnamed person on March 23 and has been marked as a “high” severity level. Google is apparently aware of this and has also pushed a security patch in Chromium 99.0.4844.84 for Windows, Mac, and Linux versions.