New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild

Products You May Like

Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild.

Tracked as CVE-2022-2856, the issue has been described as a case of insufficient validation of untrusted input in Intents. Security researchers Ashley Shen and Christian Resell of Google Threat Analysis Group have been credited with reporting the flaw on July 19, 2022.

As is typically the case, the tech giant has refrained from sharing additional specifics about the shortcoming until a majority of the users are updated. “Google is aware that an exploit for CVE-2022-2856 exists in the wild,” it acknowledged in a terse statement.

The latest update further addresses 10 other security flaws, most of which relate to use-after-free bugs in various components such as FedCM, SwiftShader, ANGLE, and Blink, among others. Also fixed is a heap buffer overflow vulnerability in Downloads.


The development marks the fifth zero-day vulnerability in Chrome that Google has resolved since the start of the year –

Users are recommended to update to version 104.0.5112.101 for macOS and Linux and 104.0.5112.102/101 for Windows to mitigate potential threats. Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.

Cyber Security

Products You May Like

Articles You May Like

Google to shut down gaming service Stadia as CEO Pichai continues cost-cutting efforts
New Malware Families Found Targeting VMware ESXi Hypervisors
Google Stadia to Shut Down in January 2023, Company to Refund Hardware Purchases: All Details
Saturn’s Moon Enceladus Has “Almost All” Ingredients for Life to Survive: Study
Steam 2022 Sale Schedule Revealed, Annual Spring Sale Coming 2023

Leave a Reply

Your email address will not be published.