Actively Exploited Zero-Day Flaw in Chrome Browser Patch Now

Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser.

Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component.

Heap-based buffer overflow bugs can be weaponized by threat actors to crash a program or execute arbitrary code, leading to unintended behavior.

It has been reported that the CVE-2022-4135 has been exploited in the wild, but like other actively exploited issues, technical specifics have been withheld until most users are updated with a fix to prevent further abuse.

With the latest update, Google has resolved eight zero-day vulnerabilities in Chrome since the start of the year.

Users must upgrade to version 107.0.5304.121 for macOS and Linux and 107.0.5304.121/.122 for Windows to mitigate potential threats.

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes when they become available.

Source: THN