- The Chrome team announced the release of an update to fix a high-severity zero-day vulnerability.
- The vulnerability is Google Chrome’s eighth zero-day vulnerability patched since the beginning of 2022.
- Google stated that the exploit for the vulnerability is now available in the wild, thus urging users to apply the patch as soon as possible.
The Google Chrome team released another update to fix a vulnerability. This is the eighth zero-day vulnerability found and patched in Google’s popular web browser. The vulnerability is now being exploited in the wild, thus users are urged to apply the patch as soon as possible to stay safe.
Exploited in the wild
The high-severity zero-day vulnerability, tracked as CVE-2022-4135, is a heap buffer overflow in GPU. To fix the vulnerability, the Stable channel has been updated to 107.0.5304.121 for Mac and Linux and 107.0.5304.121/.122 for Windows, which will be rolled out over the next few days. The details of the vulnerability will be kept restricted until the majority of Chrome users applied the fix.
The vulnerability was reported by Clement Lecigne from Google’s Threat Analysis Group on the 22nd of November. The exploit for the vulnerability exists in the wild.
To manually update your Chrome browser, you can click the three dots at the right top of the browser window, then follow Help > About Google Chrome. It will immediately check for new updates and install them.