Google Patch Sixth Zero-day
Google issued a critical security update for Google Chrome version 105.0.5195.102 for Windows, Mac, and Linux on September 02, 2022. In response to a researcher finding and tracking the high-severity zero-day vulnerability CVE-2022-3075, Google released this urgent security patch. According to Google, this is the sixth Chrome zero-day vulnerability of 2022 that has been fixed.
The research claims that Mojo’s weak data validation is to blame for the vulnerability. A group of runtime libraries known as Mojo offer a platform-independent method to make it simple to send messages across various inter- and intra-process boundaries. On August 30, a researcher who wishes to remain anonymous found this weakness.
Google is aware that the vulnerability can be exploited in the wild as of this writing, but they have not given any additional information.
The Chrome 105.0.5195.102 Stable Desktop channel has already been made available by Google and will be made available to all users in the coming weeks.
Users and Organizations are recommended to update security patches to prevent exploitation attempts.
The past zero day vulnerabilities patch are as follows.
- First Chrome zero-day vulnerability of 2022, CVE-2022-0609
- Second Chrome zero-day vulnerability of 2022, CVE-2022-1096
- Third Chrome zero-day vulnerability of 2022, CVE-2022-1364
- Fourth Chrome zero-day vulnerability of 2022, CVE-2022-2294
- Fifth Chrome zero-day vulnerabilities of 2022, CVE-2022-2856
Source
https://thehackernews.com/2022/09/google-release-urgent-chrome-update-to.html
https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html
Related Publications