Google patches actively exploited Chrome bug2022-07-05 19:32 by Daniela
Tags: Chrome, browser, bug
Google posted a security update for its Chrome browser that fixes what's known as a zero-day bug. The problem affects Chrome on Windows, Mac, and Android. The flaw can lead to arbitrary code execution, a serious security vulnerability, so it's best to download and install the latest version immediately. Zero-day bugs mean that this is a known weakness and, in this case, Google said that the flaw is already being exploited by hackers.
The high-severity vulnerability (CVE-2022-2294) is a heap buffer overflow bug, which occurs when data is moved to a fixed-length memory buffer that is too small to hold the data. If exploited, this vulnerability can typically have a number of impacts, including denial-of-service attacks or, in some cases, arbitrary code execution.
As per usual, Google did not reveal specific details about the bug, as it generally waits until most have updated to the patched version of the affected product.
Windows users of Chrome will receive the update to Chrome 103.0.5060.114 in the coming days and weeks. Since one of the issues is exploited in the wild, it is recommended to force Chrome to update to protect the device and its data from attacks.
Read more -here-