Google Fixes Chrome Zero-Day Vulnerability
- Laurent Giret
- Sep 06, 2022
-
3
Google released an update for its Chrome browser last week to fix a serious zero-day vulnerability. Chrome users need to update to version 105.0.5195.102 of the browser to protect themselves from this security flaw labeled CVE-2022-3075.
The zero-day vulnerability was discovered by an anonymous researcher on August 30. “Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild,” the company said in its security advisory.
Windows Intelligence In Your Inbox
Sign up for our new free newsletter to get three time-saving tips each Friday — and get free copies of Paul Thurrott's Windows 11 and Windows 10 Field Guides (normally $9.99) as a special welcome gift!
"*" indicates required fields
There are not a lot of details about this zero-day vulnerability so far, but the Chrome team explained that it’s related to “insufficient data validation in Mojo.” For those unfamiliar, Mojo is a collection of runtime libraries used by Chrome and other Chromium-based browsers.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed,” the Chrome team explained.
Google will roll out Chrome version 105.0.5195.102 to all Windows, macOS, and Linux users over the coming days and weeks. However, you can also force the update by clicking on the ellipsis button on the top right corner of the browser, then going to Help > About Google Chrome.