Security News > 2022 > November > Google pushes emergency Chrome update to fix 8th zero-day in 2022

Google pushes emergency Chrome update to fix 8th zero-day in 2022
2022-11-25 07:28

Google has released an emergency security update for the desktop version of the Chrome web browser, addressing the eighth zero-day vulnerability exploited in attacks this year.

As users need time to apply the security update on their Chrome installations, Google has withheld details about the vulnerability to prevent expanding its malicious exploitation.

Chrome users are recommended to upgrade to version 107.0.5304.121/122 for Windows and 107.0.5304.122 for Mac and Linux, which addresses CVE-2022-4135.

To update Chrome, head to Settings About Chrome Wait for the download of the latest version to finish Restart the program.

Chrome version 107.0.5304.121/122 fixes the eighth actively exploited zero-day vulnerability this year, indicating the high interest of attackers against the widely used browser.

All Chrome users are strongly advised to update their web browsers as soon as possible to block potential exploitation attempts.


News URL

https://www.bleepingcomputer.com/news/security/google-pushes-emergency-chrome-update-to-fix-8th-zero-day-in-2022/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-11-25 CVE-2022-4135 Out-of-bounds Write vulnerability in multiple products
Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
network
low complexity
google microsoft CWE-787
critical
9.6

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 129 998 4623 1806 1760 9187