Google rolls out new Chrome update to fix another zero-day vulnerability

Google has recently pushed an emergency update for the Chrome web browser to fix another security flaw that has been misused by attackers since 2022. This is the eighth zero-day vulnerability that Google has addressed for the Chrome browser this year. The tech giant has updated its blog post to announce the new emergency update and named this high-severity flaw CVE-2022-4135. Google noted that this vulnerability is a heap buffer overflow in GPU which was recently discovered by a member of the company’s Threat Analysis Group.
Google Chrome’s latest zero-day vulnerability: More details
As per the blog post, Google has confirmed that it is aware that an exploit for CVE-2022-4135 exists. However, the company has withheld specific details about the security flaw to prevent its malicious exploitation.
Google claimed that the security update for Chrome will need some time to reach and get applied by the users, so the company has decided to temporarily suppress specific information about the vulnerability.

What is a heap buffer overflow vulnerability
A heap buffer overflow is usually a memory vulnerability that can be misused to store user data in forbidden locations without any restriction from the system.
This security flaw can be used by attackers to overwrite an app’s memory and manipulate its execution path. The security flaw can also result in unrestricted data access or arbitrary code execution.
How to install new update for the Chrome browser
Google has advised Chrome users on Windows to upgrade to version 107.0.5304.121/122. Meanwhile, Mac and Linux users have to update their Chrome browsers to 107.0.5304.122 to address the issue.
To update Chrome browser, users have to open the Settings menu available on the top right corner of the screen. Navigate to the About Chrome option in the menu and wait for the browser to download the latest update. Users have to restart their browsers to finish the installation.




Source link

WORLD NEWS