Google Chrome users on Windows, Mac and Linux need to install the latest browser update to protect against a serious security vulnerability that hackers are already actively exploiting.
Google reported the exploit CVE-2022-3075 on September 2nd. An anonymous whistleblower briefed the company on the issue on August 30. The nature of the error is hushed up until the update is received by most users. The company blog says:
[$TBD][1358134] High CVE-2022-3075: Insufficient data validation in Mojo.
Mojo is a set of libraries used by Chromium, the Google Chrome engine.
Chrome users need to restart the browser to activate the update. This will update Chrome to version 105.0.5195.102 for Windows, Mac, and Linux. To make sure you’re on the latest version, click the three dots icon in the top right corner of your browser. Going to “Help” and then clicking on the “About Google Chrome” link will take you to a page that will tell you if Chrome is up to date.
The update comes just days after Google released Chrome version 105 on August 30. It already contains 24 security fixes. This is the sixth zero-day vulnerability that Chrome has encountered this year. The previous actively exploited vulnerability was discovered in mid-August.
Google Adds Feature-Detailed Privacy Guide to Chrome
Sources: Google Blog , The Verge