March 29, 2023

Google has addressed a critical security vulnerability in the Chrome web browser that it being actively exploited in the wild.

Tracked as CVE-2022-3075, an insufficient data validation, which refers to a collection of runtime libraries that provide a platform-agnostic mechanism for inter-process communication.

As usual, Google said its aware of reports that an exploit for CVE-2022-3075 exists in the wild, without delving into additional specifics about the nature of the attacks to prevent additional threat actors from taking advantage of the flaw.

Advertisements

The fix marks the sixth zero-day vulnerability in Chrome that Google has resolved since the start of the year –

  • CVE-2022-0609 – Use-after-free in Animation
  • CVE-2022-1096 – Type confusion in V8
  • CVE-2022-1364 – Type confusion in V8
  • CVE-2022-2294 – Heap buffer overflow in WebRTC
  • CVE-2022-2856 – Insufficient validation of untrusted input in Intents

Google urges to upgrade to 105.0.5195.102 version for Windows, macOS, and Linux. Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.

Tags:

1 thought on “Google Chrome Sixth Zero Day of 2022 Addressed

  1. Pingback: CISA adds 12 Vulnerabilities to Known Exploited Catalog - Due date 29th Sep 2022 - TheCyberThrone

Leave a Reply

You may have missed

Apple Backports ZeroDay Patches for older devices

Apple Backports ZeroDay Patches for older devices

March 28, 2023
Apache Fineract Vulnerabilities

Apache Fineract Vulnerabilities

March 28, 2023
IceID Malware Shifting Focus to Ransomwares

IceID Malware Shifting Focus to Ransomwares

March 28, 2023
Sun Pharma suffers a Security Incident

Sun Pharma suffers a Security Incident

March 28, 2023
Twitter Source Code Leak on Git

Twitter Source Code Leak on Git

March 27, 2023
Okta Credentials Exposed via Post Exploitation Attack

Okta Credentials Exposed via Post Exploitation Attack

March 27, 2023
%d bloggers like this: