September 26, 2022

TheCyberThrone

Thinking Security ! Always

Google Chrome 5th Zeroday of 2022 patched

Google has uncovered that threat actors are exploiting a previously unknown Chrome browser flaw.

Google detected the high-severity flaw with the help of its own security researchers and its a zeroday exploit.

Advertisements

The flaw has been given the designation CVE-2022-2856. As usual Google has only described the exploit as involving insufficient validation of untrusted input in Intents.

These intents can allow a web page to access and run a third-party app over the browser session. Hence, there’s a good chance hackers are using the zero-day exploit to serve up malicious apps through a web page or phishing email.

CVE-2022-2856 marks the fifth time this year Google has patched an actively exploited flaw in the Chrome browser.

Advertisements

The patch for CVE-2022-2856 should begin rolling out to the Chrome browser for Windows, macOS, and Linux devices in the coming days and weeks via Chrome version 104.0.5112.101/102.

You can check which version of Chrome you’re running by going to the About Google Chrome  function. The same function will also automatically begin downloading the latest Chrome version once it becomes available

%d bloggers like this: