Security News > 2022 > August > New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild
Google on Tuesday rolled out patches for Chrome browser for desktops to contain an actively exploited high-severity zero-day flaw in the wild.
Security researchers Ashley Shen and Christian Resell of Google Threat Analysis Group have been credited with reporting the flaw on July 19, 2022.
"Google is aware that an exploit for CVE-2022-2856 exists in the wild," it acknowledged in a terse statement.
Also fixed is a heap buffer overflow vulnerability in Downloads.
The development marks the fifth zero-day vulnerability in Chrome that Google has resolved since the start of the year -.
Users are recommended to update to version 104.0.5112.101 for macOS and Linux and 104.0.5112.102/101 for Windows to mitigate potential threats.
News URL
https://thehackernews.com/2022/08/new-google-chrome-zero-day.html
Related news
- Google fixes Chrome zero-day exploited in espionage campaign (source)
- Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- After Chrome patches zero-day used to target Russians, Firefox splats similar bug (source)
- Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse (source)
- Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent (source)
- Google fixes Android zero-days exploited in attacks, 60 other flaws (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)