Patch Google Chrome now to fix this emergency security flaw
Google has released an update for a high-severity zero-day vulnerability, known as CVE-2022-4135, which impacts its Chrome browser.
The search giant said that an exploit for the vulnerability, detected by the French security researcher Clement Lecigne, exists in the wild, meaning users could be at risk.
Google said it won’t disclose much information about the nature of the vulnerability “until a majority of users are updated with a fix” and that it “will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed”.
So, what do we know?
Google was able to disclose that the vulnerability was an example of what’s called a “heap buffer overflow”, a variety of buffer overflow where a buffer that is vulnerable to overwriting is located in the “heap” portion of the system’s memory.
Disclosing anymore could “tip off” bad actors about the vulnerability before the vast majority of Google Chrome’s users are fully patched.
Users who want to avoid the risk of being impacted are advised to update to 107.0.5304.121 for Mac and Linux and 107.0.5304.121/.122 for Windows, which are both sets that will roll out over the coming days and weeks.
Google’s flagship Chrome browser has certainly racked up a stable number of security vulnerabilities in recent years.
The browser currently boasts around 66 percent market share according to data from StatCounter (opens in new tab), and has had 303 vulnerabilities unearthed between January 1, 2022, to October 5, 2022 according to data from
In contrast, Safari only had 26 vulnerabilities revealed in the same time period, while Microsoft Edge had 103 vulnerabilities,s and Mozilla Firefox came in second place with 117 vulnerabilities.
READ MORE:
This includes a zero-day vulnerability called CVE-2022-3723 uncovered earlier this month, which apparently represented a “Type Confusion flaw” which impacted Chrome’s V8 JavaScript engine.
As per a report from cybersecurity company Avertium, the vulnerability could have potentially enabled bad actors to dupe Chrome into running malignant malware.
Audio player loading… Google has released an update for a high-severity zero-day vulnerability, known as CVE-2022-4135, which impacts its Chrome browser. The search giant said that an exploit for the vulnerability, detected by the French security researcher Clement Lecigne, exists in the wild, meaning users could be at risk. Google…
Recent Posts
- Oregon’s governor signs right-to-repair law that bans ‘parts pairing’
- Philips Hue lights to work way better with Samsung TVs and SmartThings, for a price
- With just $700 and a Raspberry Pi — you too can become a cybercriminal
- The new MacBook Air M3 is $100 off for the first time
- GLAAD report says Meta allows anti-trans hate to ‘flourish’ on its platforms
Archives
- March 2024
- February 2024
- January 2024
- December 2023
- November 2023
- October 2023
- September 2023
- August 2023
- July 2023
- June 2023
- May 2023
- April 2023
- March 2023
- February 2023
- January 2023
- December 2022
- November 2022
- October 2022
- September 2022
- August 2022
- July 2022
- June 2022
- May 2022
- April 2022
- March 2022
- February 2022
- January 2022
- December 2021
- November 2021
- October 2021
- September 2021
- August 2021
- July 2021
- June 2021
- May 2021
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- December 2011