Google Patches Chrome to Tackle a Dangerous Zero-Day Exploit
On July 4th, 2022, Google released a patch to address the threat of CVE-2022-2294, a security vulnerability found in its Chrome web browser.
Google has stated this new update (version 103.0.5060.114) will be available to all Chrome users globally within a few weeks. And users have been advised to update their software and install this “critical security fix” as soon as possible to prevent falling victim to this vulnerability.
This Is the Fourth Chrome Zero-Day of 2022
Though the CVE-2022-2294 vulnerability is currently being exploited, Google is yet to release much information concerning how to detect it. The company merely posted a quick update on theGoogle Chrome Releases Blog.
The CVE-2022-2294 vulnerability has already been exploited by malicious parties and was only discovered when Jan Vojtesek from the Avast Threat Intelligence team reported the flaw on July 1st.
This threat is associated with a heap overflow flaw within Chrome’s Web Real-Time Communication (Web RTC) component, which gives the browser its real-time communications capabilities. Also known as “heap smashing” or “heap overruns”, this weakness in the wild can lead to harmful denial-of-service (DoS) attacks.
Information on the vulnerability has likely been withheld to prevent cybercriminals from learning too much about it. But we do know that this is now the fourth zero-day vulnerability to be patched this year. Previous weaknesses include:
Update Google Chrome ASAP
Because this particular zero-day exploit (what are zero-day exploits?) is high severity in terms of risk, updating your Chrome browser should be a priority.
If you’re using a macOS, Linux, or WIndows-powered device, you’re advised to download version 103.0.5060.114. If you’re using an Android-powered device, updating to version 103.0.5060.71 is recommended.
In most cases, Chrome will automatically install this update, but will not do so if your automatic update feature is disabled. Check your browser settings to verify whether you’re set for automatic updates, or if you need toinstall the newest version of Chrome manually.
Future Zero-Day Exploits Are Always a Possibility
As time passes, we may see future zero-day vulnerabilities occur within Chrome’s web browser. Though this will always be a risk, Google’s speedy responses will hopefully mitigate any damage done by malicious actors who exploit this kind of weakness.
Google Chrome doesn’t want to let you, but Windows users can disable automatic updates in just a few easy steps.
Your phone is a better editor than you give it credit for.
These plugins will make you wonder why you used Photoshop in the first place.
You don’t need to fork out for expensive hardware to run an AI on your PC.
Not all true crime is about hacking, slashing, and gore.
Anyone with more than a passing interest in motorsports must see these films.
