HomeLatest FeedsTechnology NewsUpdate Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw

Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw


Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw

Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser.

Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022.

Heap-based buffer overflow bugs can be weaponized by threat actors to crash a program or execute arbitrary code, leading to unintended behavior.

According to the NIST’s National Vulnerability Database, the flaw could permit a “remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.”

“Google is aware that an exploit for CVE-2022-4135 exists in the wild,” the tech giant acknowledged in an advisory.

But like other actively exploited issues, technical specifics have been withheld until a majority of the users are updated with a fix and to prevent further abuse.

CyberSecurity

With the latest update, Google has resolved eight zero-day vulnerabilities in Chrome since the start of the year –

Users are recommended to upgrade to version 107.0.5304.121 for macOS and Linux and 107.0.5304.121/.122 for Windows to mitigate potential threats.

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.



Mr.Mario
Mr.Mario
I am a tech enthusiast, cinema lover, and news follower. and i loved to be stay updated with the latest tech trends and developments. With a passion for cyber security, I continuously seeks new knowledge and enjoys learning new things.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Must Read