Google fixes a zero-day vulnerability in Chrome browser


Google has released Chrome 103.0.5060.114 for devices running Windows. The update fixes a dangerous zero-day vulnerability that is in use by hackers in practice. For the fourth time this year, Google has released a patch to address a zero-day vulnerability in Chrome.

Google has confirmed that developers are aware of the existence of an exploit based on the CVE-2022-2294 vulnerability. The issue has got a fix in the mentioned version of Chrome, which began rolling out this week. We expect that it will become available to all browser users in the near future. We do not recommend to delay the installation of the patch; for which it is enough to check for updates through the Chrome update menu.

Google fixes a fresh Chrome zero-day vulnerability used in attacks

google chrome

Gizchina News of the week

As for the CVE-2022-2294 vulnerability itself; its operation associates with a buffer overflow of the Web Real-Time Communications (WebRTC) component. The problem became a few days ago, when it was in reports by Avast Threat Intelligence specialists. The exploitation of the vulnerability allows attackers to perform various actions on the victim’s device, including the remote execution of arbitrary code.

Despite the fact that we know about the exploitation of the CVE-2022-2294 vulnerability in practice; Google is in no hurry to disclose details regarding this problem. The company noted that access to information about the vulnerability will be limited until a patch that eliminates it is installed on the devices of the vast majority of Chrome users, which may take several weeks.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google said. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed”. We advise you to immediately update your Chrome browser.

Disclaimer: We may be compensated by some of the companies whose products we talk about, but our articles and reviews are always our honest opinions. For more details, you can check out our editorial guidelines and learn about how we use affiliate links.

Source/VIA :
Previous Most Of You Can't Buy Xiaomi Mi 12S Ultra!
Next Xiaomi Band 7 Pro gets its first ever firmware update on Day 1