Update Chrome ASAP: Google patches new zero-day exploit
While you’re shopping online for Black Friday today, do yourself a favor and update Chrome. On Thursday, Google began rolling out a new stable channel update for the Chrome browser on Windows, Mac, and Linux to patch a zero-day exploit that exists in the wild. If you haven’t already, check and make sure your browser is updated to at least version 107.0.5304.121 for Mac and Linux and 107.0.5304.121/.122 for Windows.
Google’s Prudhvikumar Bommana says on the Chrome Releases blog that CVE-2022-4135 is a high-severity flaw concerning heap buffer overflow in GPU.
According to BleepingComputer, heap buffer overflow “is a memory vulnerability resulting in data being written to forbidden (usually adjacent) locations without check.” Hackers can use this vulnerability to overwrite an app’s memory to manipulate its execution path. After that, they can then access restricted information and execute arbitrary code.
As usual, we don’t actually know how hackers are exploiting this security flaw.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google explains. “We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.”
This is the eighth Chrome zero-day exploit that Google has patched in 2022. The one before this surfaced on November 1 and involved a type confusion weakness.
How to update your Chrome browser
Chrome doesn’t always apply the latest updates when you open the browser, so if you want to check and see which version you are running, go to Settings and then About Chrome at the bottom of the menu bar on the left side of the screen.
If you are already running the latest version of the browser, then you are good to go. If not, you should begin the process of updating as soon as possible. Once it finishes downloading, click the Relaunch button to finish updating.
More Google coverage: For more Pixel news, visit our Pixel 7 guide.
While you’re shopping online for Black Friday today, do yourself a favor and update Chrome. On Thursday, Google began rolling out a new stable channel update for the Chrome browser on Windows, Mac, and Linux to patch a zero-day exploit that exists in the wild. If you haven’t already, check and make sure your browser is updated to at least version 107.0.5304.121 for Mac and Linux and 107.0.5304.121/.122 for Windows.
Google’s Prudhvikumar Bommana says on the Chrome Releases blog that CVE-2022-4135 is a high-severity flaw concerning heap buffer overflow in GPU.
According to BleepingComputer, heap buffer overflow “is a memory vulnerability resulting in data being written to forbidden (usually adjacent) locations without check.” Hackers can use this vulnerability to overwrite an app’s memory to manipulate its execution path. After that, they can then access restricted information and execute arbitrary code.
As usual, we don’t actually know how hackers are exploiting this security flaw.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google explains. “We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on, but haven’t yet fixed.”
This is the eighth Chrome zero-day exploit that Google has patched in 2022. The one before this surfaced on November 1 and involved a type confusion weakness.
How to update your Chrome browser
Chrome doesn’t always apply the latest updates when you open the browser, so if you want to check and see which version you are running, go to Settings and then About Chrome at the bottom of the menu bar on the left side of the screen.
If you are already running the latest version of the browser, then you are good to go. If not, you should begin the process of updating as soon as possible. Once it finishes downloading, click the Relaunch button to finish updating.
More Google coverage: For more Pixel news, visit our Pixel 7 guide.
Denial of responsibility! Techno Blender is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – [email protected]. The content will be deleted within 24 hours.