Security News > 2022 > July > Google patches new Chrome zero-day flaw exploited in attacks
Google has released Chrome 103.0.5060.114 for Windows users to address a high-severity zero-day vulnerability exploited by attackers in the wild, the fourth Chrome zero-day patched in 2022.
This update was available immediately when BleepingComputer checked for new updates by going into Chrome menu > Help > About Google Chrome.
Although Google says this zero-day vulnerability was exploited in the wild, the company is yet to share technical details or a any info regarding these incidents.
With this update, Google has addressed the fourth Chrome zero-day since the start of the year.
The one fixed in February, CVE-2022-0609, was exploited by North Korean-backed state hackers weeks before the February patch, according to the Google Threat Analysis Group.
Because the zero-day patched today is known to have been used by attackers in the wild, is it strongly recommended to install today's Google Chrome update as soon as possible.
News URL
Related news
- Google Chrome emergency update fixes 6th zero-day exploited in 2024 (source)
- Google patches third exploited Chrome zero-day in a week (source)
- Google fixes third actively exploited Chrome zero-day in a week (source)
- Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability (source)
- Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947) (source)
- Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274) (source)
- Google fixes eighth actively exploited Chrome zero-day this year (source)
- Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel (source)
- New ARM 'TIKTAG' attack impacts Google Chrome, Linux systems (source)
- Apple backports fix for zero-day exploited in attacks to older iPhones (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-05 | CVE-2022-0609 | Use After Free vulnerability in Google Chrome Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |