Google Chrome has released a new patch to address the high severity zero-day threat of CVE-2022-2294 heap-based buffer overflow vulnerability in the WebRTC (Web Real-Time Communications) component.
This Google vulnerability has unfortunately been exploited by malicious actors. The newly released patch will be the fourth Chrome zero-day patch released by Google this year.
The consequences of successful heap overflow exploitation can range from program crashes to unfettered code execution, as well as bypassing security solutions if code execution is gained during the attack.
When the overflow happens, this can breach a user’s privacy since it allows real-time video and audio communication from the browser without the need to install plugins or download native apps.
Google released the 103.0.5060.114 version, which is now available in the Stable Desktop channel worldwide. To prevent exploitation, users are advised to install today’s current Google Chrome update since this zero-day vulnerability is of high severity.
Users are strongly encouraged to update to version 103.0.5060.114 for Windows, macOS, and Linux, and to version 103.0.5060.71 for Android