Hackers are already using new vulnerabilities, said Google. Due to this, Chrome users running on Windows, Mac, and Linux are urged to install the latest update immediately.
Google has published a security update for the Chrome browser for Windows, Mac, and Linux to correct a newly identified zero-day vulnerability that hackers actively exploit. Users are advised to install the security update as soon as possible.
The update brings Google Chrome to version 105.0.5195.102. In addition, it resolves what is known as a high-severity security issue (CVE-2022-307) involving inadequate data validation in Mojo, a collection of runtime libraries used in Chromium. This engine generates the majority of the code that powers Google Chrome.
Google stated that it is “aware of reports that an exploit for CVE-2022-3075 exists in the wild.”
Users will receive the security fix over the next few days and weeks. When Chrome prompts users to update, they are advised to do so.
Google has not provided the exact details of the security update, which notes that “access to bug details and links may be kept restricted until a majority of users are updated with a fix.”
The vulnerability information is likely being kept hidden for the time being to stop cybercriminals from exploiting it before the majority of Google Chrome users have had a chance to install the update.
An anonymous cybersecurity researcher informed Google of this vulnerability and will be compensated with Google’s bug bounty rewards.
Further, Google says, “We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.”
Presented by CTC News