• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
update chrome browser now to patch new actively exploited zero day

Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw

You are here: Home / General Cyber Security News / Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw
November 25, 2022

Google on Thursday unveiled software package updates to tackle however another zero-day flaw in its Chrome web browser.

Tracked as CVE-2022-4135, the large-severity vulnerability has been described as a heap buffer overflow in the GPU part. Clement Lecigne of Google’s Risk Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022.

Heap-dependent buffer overflow bugs can be weaponized by threat actors to crash a program or execute arbitrary code, main to unintended conduct.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


“Google is informed that an exploit for CVE-2022-4135 exists in the wild,” the tech huge acknowledged in an advisory.

But like other actively exploited issues, complex specifics have been withheld until finally a the vast majority of the customers are up to date with a deal with and to avert more abuse.

With the most current update, Google has settled eight zero-day vulnerabilities in Chrome considering that the start out of the calendar year –

  • CVE-2022-0609 – Use-following-free of charge in Animation
  • CVE-2022-1096 – Style confusion in V8
  • CVE-2022-1364 – Variety confusion in V8
  • CVE-2022-2294 – Heap buffer overflow in WebRTC
  • CVE-2022-2856 – Inadequate validation of untrusted enter in Intents
  • CVE-2022-3075 – Insufficient details validation in Mojo
  • CVE-2022-3723 – Form confusion in V8

People are advisable to enhance to version 107..5304.121 for macOS and Linux and 107..5304.121/.122 for Windows to mitigate prospective threats.

Consumers of Chromium-based mostly browsers this sort of as Microsoft Edge, Brave, Opera, and Vivaldi are also recommended to use the fixes as and when they develop into offered.

Located this posting exciting? Stick to THN on Facebook, Twitter  and LinkedIn to examine more exclusive material we article.


Some sections of this write-up are sourced from:
thehackernews.com

Previous Post: «Cyber Security News Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation
Next Post: Remote Code Execution Vulnerability Found in Windows Internet Key Exchange Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors
  • Top 10 Best Practices for Effective Data Protection
  • Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks
  • Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks
  • [Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications
  • Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit
  • Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails
  • Pen Testing for Compliance Only? It’s Time to Change Your Approach
  • 5 BCDR Essentials for Effective Ransomware Defense
  • Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

Copyright © TheCyberSecurity.News, All Rights Reserved.