Popular web browser, Google Chrome has rolled out an emergency update to address a high-severity security flaw.
Google rolled out Chrome version 105.0.5195.102 for Windows, Mac, and Linux users to address the sixth Chrome zero-day exploit in 2022. On Friday, Google published a security advisory explaining about it is aware that the exploit for CVE-2022-3075 exists in the wild.
Google has rolled out the update to the Stable Desktop channel and it will take a few days or weeks to reach all users. Users can manually check for updates by heading over to the Chrome menu (click on three dots) and then clicking on the help page and lastly clicking About Google Chrome. On the next launch, the browser will automatically get updated.
High severity vulnerability tracked as CVE-2022-3075 is caused due to inadequate Mojo data validation. Mojo is a collection of runtime libraries that facilitates message passing across arbitrary inter and intra-process boundaries.
An anonymous security researcher found this security vulnerability and reported it to Google.
Google said, “Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”
CVE-2022-3075 is the sixth Chrome Zero-day fixed in 2022, the other five vulnerabilities are:
- CVE-2022-2856 – August 17th
- CVE-2022-2294 – July 4th
- CVE-2022-1364 – April 14th
- CVE-2022-1096 – March 25th
- CVE-2022-0609 – February 14th
Are you looking for more software news? Then, stay tuned for the latest software news from top tech industries.