Register now for better personalized quote!

Google Chrome zero-day flaw: Users urged to install update 'immediately'

Sep, 05, 2022 Hi-network.com
Image: Getty/iStockphoto

Google has released a security update for the Chrome browser on Windows, Mac and Linux to fix a newly discovered zero-day vulnerability that is being exploited actively by cyberattacks -and users are urged to apply the update as soon as possible. 

The release, which updates Google Chrome to version 105.0.5195.102, fixes what's described as a high-severity security issue (CVE-2022-307) relating to insufficient data validation in Mojo, a collection of runtime libraries used in Chromium, which powers much of the code behind the Google Chrome browser. 

Security

  • 8 habits of highly secure remote workers
  • How to find and remove spyware from your phone
  • The best VPN services: How do the top 5 compare?
  • How to find out if you are involved in a data breach -- and what to do next

Google said it's "aware of reports that an exploit for CVE-2022-3075 exists in the wild".

SEE: These are the cybersecurity threats of tomorrow that you should be thinking about today

The security patch is set to be rolled out to users over the coming days and weeks. Users are urged to apply the update when Chrome asks them. 

Google hasn't provided exact details of what the security update relates to, noting "access to bug details and links may be kept restricted until a majority of users are updated with a fix".  

It's likely that information about the vulnerability is being withheld for now to prevent cyber criminals from taking advantage of it before most Google Chrome users have had an opportunity to apply the update. 

The Singapore Computer Emergency Response Team (SingCERT) advises users to "install the latest security updates immediately" -and that "users are also encouraged to enable the automatic update function in Chrome to ensure that their software is updated promptly."

The vulnerability was submitted anonymously to Google by an unnamed cybersecurity researcher who will receive a bug bounty that is yet to be decided. 

"We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel," said Google. 

For any software and applications, applying security updates in a timely manner is one of the key things that individuals and organisations can do to help protect themselves and their businesses against cyberattacks. 

MORE ON CYBERSECURITY

  • Google Cloud: When it comes to cyber risks, we're all in it together
  • These are the biggest cybersecurity threats. Make sure you aren't ignoring them
  • Time to update: Google patches seven Chrome browser bugs, four rated 'high' risk
  • CISA warning: Hackers are exploiting these 36 "significant" cybersecurity vulnerabilities - so patch now
  • Google: These 'curated' open-source packages will improve software supply chain security

tag-icon Hot Tags : Tech Security

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.