Security News > 2022 > July > Google updates Chrome to squash actively exploited WebRTC Zero Day
Google has issued an unexpected update to its Chrome browser to address a zero-day WebRTC flaw that is actively being exploited.
The fix is installing Chrome 103.0.5060.114 for Windows and Chrome 103.0.5060.71 for Android, both of which will appear soon.
Google says the flaw is under active attack, but offers no insight into how one might detect it or defend against it other than by updating Chrome.
The release of new Chrome cuts is the fourth time in 2022 that Google has needed to issue emergency fixes.
Thankfully, Chrome updates itself with little user intervention required, so the software's many millions of users should be protected from these latest issues in short order.
The WebRTC flaw was reported on July 1 and Google's notification of updated Chrome cuts to fix it is dated July 4, suggesting folks on the Chrome team lost a weekend preparing the fix and did so with decent speed.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/07/05/chrome_webrtc_zero_day/
Related news
- Google Chrome emergency update fixes 6th zero-day exploited in 2024 (source)
- Google patches third exploited Chrome zero-day in a week (source)
- Google fixes third actively exploited Chrome zero-day in a week (source)
- Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability (source)
- Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947) (source)
- Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274) (source)
- Google fixes eighth actively exploited Chrome zero-day this year (source)
- Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel (source)
- New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation (source)
- Google rolls out Chrome fix for empty pages when switching tabs (source)