Users of Google Chrome running on Windows, Mac, and Linux should update their browsers to the most recent version to guard against a critical security hole that hackers are actively attempting to exploit.
In a blog post on September 2, Google stated, “Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild,”. Google says it expects the fix to roll out to all customers in the upcoming days or weeks after an anonymous tipster reported the issue on August 30.
Regarding the nature of the flaw, the corporation hasn’t yet made much information public. According to what we now know, it has to do with “Insufficient data validation” in Mojo, a set of runtime libraries used by Chromium, the codebase upon which Google Chrome is based.
The business warned that “Access to bug details and links may be kept restricted until a majority of users are updated with a fix.” Google makes it more difficult for hackers to discover how to exploit the vulnerability before the next update and eliminates the window for assaults by withholding those data for the time being.
To activate the update, Chrome users must restart the browser. For Windows, Mac, and Linux, this will update Chrome to version 105.0.5195.102. Click the three dots in the top right corner of your browser to make sure you’re using the most recent version. You can find out if Chrome is the most recent version on your device by going to “Help,” and then “About Google Chrome.”
After releasing Chrome version 105 on August 30th, Google delivered this most recent update just a few days later. 24 security fixes had previously been included in that release. Even it wasn’t sufficient.
This is Chrome’s sixth encounter with a zero-day vulnerability so far this year. According to BleepingComputer, the most recent vulnerability to be extensively exploited was merely discovered in mid-August.