Security News > 2022 > November > Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw
Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser.
Clement Lecigne of Google's Threat Analysis Group has been credited with reporting the flaw on November 22, 2022.
Heap-based buffer overflow bugs can be weaponized by threat actors to crash a program or execute arbitrary code, leading to unintended behavior.
"Google is aware that an exploit for CVE-2022-4135 exists in the wild," the tech giant acknowledged in an advisory.
Like other actively exploited issues, technical specifics have been withheld until a majority of the users are updated with a fix and to prevent further abuse.
With the latest update, Google has resolved eight zero-day vulnerabilities in Chrome since the start of the year -.
News URL
https://thehackernews.com/2022/11/update-chrome-browser-now-to-patch-new.html
Related news
- Microsoft October 2024 Patch Tuesday fixes 5 zero-days, 118 flaws (source)
- Firefox Zero-Day Under Attack: Update Your Browser Immediately (source)
- Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws (source)
- Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 89 flaws (source)
- Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-25 | CVE-2022-4135 | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |