Google Issues Emergency Chrome Security Update For All Users
Google has confirmed the eighth zero-day exploit impacting the Chrome browser on Windows, Mac, Linux, and Android platforms. An emergency fix addressing this single issue is being rolled out now, but you can force-update your browser immediately.
Other browser clients using the Chromium engine should also expect to see updates soon.
Google confirms Chrome zero-day number 8 for 2022
It used to be a very rare event when a Google Chrome update addressed a single security issue, reserved for those occasions where a vulnerability was known to be under exploit by attackers in the wild before a fix was available. In 2022 there have now been updates covering a total of eight such zero-days.
The latest, a high-severity heap buffer overflow issue in the Chromium GPU, is CVE-2022-4135. The zero-day, reported by Clement Lecigne of Google’s own Threat Analysis Group, could enable an attacker to escape the security sandbox (using a malicious HTML page) had they compromised the renderer process, according to the National Institute of Standards and Technology (NIST) national vulnerability database entry.
MORE FOR YOU
Google itself has released no further information regarding the zero-day. This is not uncommon with such a vulnerability so as to enable a majority of users to install the update and gain protection before other attackers try their hands.
All Google has said is that it is “aware that an exploit for CVE-2022-4135 exists in the wild.”
Update your Google Chrome browser now
The security updates have already started rolling out and will continue across the coming days and weeks. However, users are advised to force the update process, given that attackers are known to have exploit code already. This is particularly important for those users who maintain large numbers of open tabs and rarely restart the browser, as the update is only effective following a restart.
Head for Settings|About Chrome, and Chrome will check if you have the latest version and if not, then a download and installation will start automatically.
The security update takes Chrome to version 107.0.5304.121 or.122 for Windows, version 107.0.5304.121 for Mac and Linux, and version 107.0.5304.141 for Android.
READ MORE HERE