December 5, 2023

The fourth zero-day hack hit Chrome, and Google is urging users to upgrade their browsers. Here’s everything you need to know.

Google, in its post on the official Chrome blog, said the exploit (CVE-2022-2294) affects Windows and Android users, acknowledging that “Google is aware that the CVE-2022-2294 exploit is in the wild.” The company also confirmed two other high-profile security threats.

While Google is restricting information about vulnerabilities until users have the opportunity to upgrade, the company has provided the following details.

  • high CVE-2022-2294 [Zero-Day threat]: WebRTC buffer overflow. Reported by Jan Vojtesek of Avast Threat Intelligence Team on 07-01-2022
  • high CVE-2022-2295: Type confusion in v8. Reported by avaue and Buff3tts in SSL on 06-16-2020
  • high CVE-2022-2296: Use it for free in Chrome OS Shell. Narrated by Khalil Zani on 05-19-2022

WebRTC (Web Real-Time Communications) is an open source project that enables real-time voice, text, and video communications capabilities between web browsers and devices. It was developed by Global IP Solutions (or GIPS), a Swedish company, in 1999 before GIPS was acquired by Google in 2011.

For the other two, V8 is the Chrome component responsible for processing JavaScript, the engine at the heart of Chrome, and this vulnerability also affects Windows and Android. CVE-2022-2296 affects Windows only, and use after Free (a memory exploit) is the most common path researchers have used to exploit the browser in recent years. Nearly 100 UAF vulnerabilities were found in Chrome in 2022 alone.

In response, Google released Chrome 103.0.5060.114 for Windows and 103.0.5060.71) for Android. While Android can update and restart Chrome itself automatically, Windows users should follow these steps:

  1. Click the three dots in the upper right corner of Chrome.
  2. click Settings > Help > About Google Chrome.
  3. Wait for Chrome to find and install the update.
  4. When prompted, restart Chrome (this is the last step very important).

Zero-day hacks are increasing across All major platformsGoogle stressed that web browsers are no exception. If you’re using Chrome, there’s never been a more important time to stay diligent.

___

Follow Gordon on Facebook

More about Forbes

More from ForbesHow to update google chromeby Gordon Kelly

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *

Related News

Trending Frameworks for PHP Web Development Services in 2024 PHP Web Development Services

Trending Frameworks for PHP Web Development Services in 2024

October 16, 2023
Top 5 Artificial Intelligence(AI) Development Companies ai development services

Top 5 Artificial Intelligence(AI) Development Companies

October 4, 2023

You may have missed

Download GBWhatsApp PRO Latest Version

Download GBWhatsApp PRO Latest Version

December 5, 2023
Tiktok Downloader – Download Tiktok Videos Without Watermark for Free

Tiktok Downloader – Download Tiktok Videos Without Watermark for Free

December 5, 2023
GBWhatsApp APK Download Latest Version (Official)

GBWhatsApp APK Download Latest Version (Official)

December 4, 2023
Download GB WhatsApp Pro APK Latest Version For Android

Download GB WhatsApp Pro APK Latest Version For Android

December 4, 2023
Signature Style: Exploring the Unique Features of Mr Winston Hoodie Mr Winston Hoodie

Signature Style: Exploring the Unique Features of Mr Winston Hoodie

December 1, 2023
Spotting Hidden Leaks Before Major Palm Coast Home Damage

Spotting Hidden Leaks Before Major Palm Coast Home Damage

November 28, 2023