Google has just released an update for the Windows version of its Chrome browser. The update should fix a zero-day vulnerability that has been discovered and actively exploited all around the world.
A high severity bug marked as CVE-2022-Google has patched 2294 in the latest stable Chrome build (103.0.5060.114).
Luckily, Google Chrome is updating automatically when the browser is restarted so a large number of clients are already patched. Still, it may take weeks for the update remainder to pop for the users that don’t close their browser regularly.
Google hasn’t provided access to the bug details and links since hackers could use them for leveraging this exploit. Once Google will be sure that the majority of clients have been patched, details about the exploit will be published.
According to Avast’s Jan Vojtesek, the flaw is a high-severity heap-based buffer overflow weakness that allows attackers to successfully exploit to crash programs and run arbitrary code on affected endpoints.
Users and Enterprise Admins are advised to keep their Chrome installations patched regularly in order to avoid possible exploits.