Google Fixes Chrome Zero-Day Vulnerability

Posted on September 6, 2022 by Laurent Giret in Cloud, Google Chrome, Web browsers with 3 Comments

Google released an update for its Chrome browser last week to fix a serious zero-day vulnerability. Chrome users need to update to version 105.0.5195.102 of the browser to protect themselves from this security flaw labeled CVE-2022-3075.

The zero-day vulnerability was discovered by an anonymous researcher on August 30. “Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild,” the company said in its security advisory.

There are not a lot of details about this zero-day vulnerability so far, but the Chrome team explained that it’s related to “insufficient data validation in Mojo.” For those unfamiliar, Mojo is a collection of runtime libraries used by Chrome and other Chromium-based browsers.

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed,” the Chrome team explained.

Google will roll out Chrome version 105.0.5195.102 to all Windows, macOS, and Linux users over the coming days and weeks. However, you can also force the update by clicking on the ellipsis button on the top right corner of the browser, then going to Help > About Google Chrome.

Tagged with