For the second time this spring, Google has issued an emergency Chrome for Mac update that patches critical security flaws.
Chrome 100.0.4896.127 details one of the flaws, CVE-2022-1364, which is listed with a severity of “high.” It is a Type Confusion in V8 vulnerability, Google’s open source high-performance JavaScript and WebAssembly engine. According to a blog post, Google is aware that an exploit for CVE-2022-1364 exists in the wild. When run, it can cause Chrome to crash or allow arbitrary code to be executed, which is never a good thing.
As usual, Google is restricting access to specifics about the vulnerability information until “a majority of users are updated.” Google previously patched its JavaScript engine in Chrome for Mac version 99.0.4844.84 to also fix a vulnerability that was known to have been exploited.
The update is rolling out to Mac users over the coming days/weeks, but you can get it manually by going to chrome://settings/help or Preferences > About Chrome > Check for Update. Then click Relaunch to install the update.
Author: Michael Simon, Executive Editor
Michael Simon has been covering Apple since the iPod was the iWalk. His obsession with technology goes back to his first PC—the IBM Thinkpad with the lift-up keyboard for swapping out the drive. He's still waiting for that to come back in style tbh.