Tech

It’s time to update: Google Chrome browser patched serious security hole


one-woman-work-from-home-in-living room

Image: Getty/damircudic

Google has released a security update for Chrome to protect users from a newly discovered high-severity vulnerability in the browser that Google has warned is being actively exploited by cyber attackers. waterfall.

The Update stable channel for Google Chrome on desktop for Windows, Mac and Linux browser versions. Users should apply the security update as soon as possible – something Google Chrome will do automatically when closing and reopening the browser.

Bug fix update CVE-2022-4262, a vulnerability classified as high severity allows a remote attacker the ability to exploit the Type Confusion issue in the Google V8 javascript engine by causing heap failure through a manually generated HTML page. labour.

A ‘heap’ is a reserved area of ​​computer memory that a program uses to store variable amounts of data – and heap corruption occurs when a program corrupts the interface of the heap, which can leads to memory errors that can be abused by an attacker.

Also: Cybersecurity: Here are the new things to worry about in 2023

Google claims that it is aware that an exploit for CVE-2022-4262 is active in the wild – in other words, it is being actively used by cybercriminals to promote malicious hacking campaigns – but has not provide any information on how this exploit lays, just in case of giving other attackers a way to use it before the user is protected.

“Access to bug details and links may be restricted until the majority of users have been updated with the fix. We will also retain restrictions if the bug exists in a third-party library. three on which other projects depend are similar but not fixed yet.” Google’s update said.

The vulnerability was discovered by Clement Lecigne of Google’s Threat Analysis Team. This is the latest in a series of security flaws in Google Chrome that have been discovered and patched this year.

These include, among other things, CVE-2022-4135a vulnerability appeared at the end of November and has been actively exploited in the wild, as well as security flaws emerged in September and A series of significant vulnerabilities emerged in July.

The latest vulnerability fixes – 108.0.5359.94 for Mac and Linux and 108.0.5359.94/.95 for Windows – are currently rolling out and should be applied by users.

MORE ABOUT NETWORK SECURITY

news7f

News7F: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, Sports...at the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button