Site icon TechNewsBoy.com

Time to update: Google Chrome browser patches high-severity security flaw

Image: Getty/damircudic

Google has released a security update for for Chrome which protects users against a newly discovered, high severity vulnerability in the browser which it’s warned is already actively being exploited by cyber attackers. 

The Stable Channel Update for Google Chrome on desktop is for Windows, Mac and Linux versions of the browser. It’s recommended that users apply the security update as soon as possible – something which Google Chrome will do automatically when the browser is closed and reopened. 

The update fixes CVE-2022-4262, a vulnerability classed as high severity which allows a remote attacker to potentially exploit a Type Confusion issue n Google V8’s javascript engine by causing heap corruption via a crafted HTML page. 

‘Heap’ is an area of pre-reserved computer memory that a program uses to store a variable amount of data – and heap corruption occurs when a program damages the view of the heap, which can result in a memory fault which can be abused by attackers. 

Also: Cybersecurity: These are the new things to worry about in 2023

Google states that it’s aware that an exploit for CVE-2022-4262 is active in the wild – in other words, it’s actively being used by cyber criminals to power malicious hacking campaigns – but hasn’t yet provided any information on how this is taking place, citing a precaution against providing other attackers with a way to use it before users are protected. 

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed,” said Google’s update. 

The vulnerability was discovered by Clement Lecigne of Google’s Threat Analysis Group. It represents the latest in a series of security flaws in Google Chrome which have been uncovered and patched during this year. 

These include, among others, CVE-2022-4135, a vulnerability which emerged in late November and was already actively being exploited in the wild, as well as security flaws which emerged in September and a series of significant vulnerabilities which appeared in July. 

The update which fixes the latest flaw – 108.0.5359.94 for Mac and Linux and 108.0.5359.94/.95 for Windows – is being rolled out now and it’s recommended users apply it.  

MORE ON CYBERSECURITY

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – abuse@technewsboy.com. The content will be deleted within 24 hours.
Exit mobile version