In order to address a recently identified zero-day vulnerability that is actively being used by hackers, Google has released a security update for the Chrome browser for Windows, Mac, and Linux. Users are advised to install the update as soon as they can.
The zero-day vulnerability has been given the designation CVE-2022-307 and is categorized as high severity. Your current version of Chrome has been updated to version 105.0.5195.102 by Google's patch, which also resolves the issue.
The Chromium-based browsers Opera, Brave, and Microsoft Edge are affected by the security flaw because they employ a group of back-end libraries collectively known as Mojo.
Over the upcoming days and weeks, users will begin to receive the security patch. When Chrome prompts users to update, they should do so immediately.
Google has not disclosed specifics on the security update, only stating that "access to bug details and links may be kept restricted until a majority of users are updated with a fix"
It's possible that information about the vulnerability is being withheld for the time being to prevent cyber criminals from exploiting it before the majority of Google Chrome users have had a chance to apply the fix.
The Singapore Computer Emergency Response Team (SingCERT) urges users to "install the latest security updates immediately" and "users are also encouraged to enable the automatic update function in Chrome to ensure that their software is updated promptly."
For the update to take effect, Chrome users must restart the browser. This will upgrade Chrome for Windows, Mac, and Linux to version 105.0.5195.102. Click the three-dot icon in your browser's upper right corner to confirm that you are using the most recent version.
You can find out if Chrome is up to date on your device by navigating to "Help," followed by "About Google Chrome."
An unidentified cybersecurity researcher who will get an undetermined bug bounty submitted the vulnerability to Google anonymously.
"We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel," Google said.
This is the sixth zero-day vulnerability that Chrome has encountered this year. According to BleepingComputer, the most recent actively exploited vulnerability was discovered in mid-August.
Applying security updates on time for any software and applications is one of the most important things that individuals and organizations can do to help protect themselves and their businesses from cyberattacks.
