Active Exploitation of High-Severity Vulnerability in Google Chrome

Published on 03 Sep 2022

Updated on 07 Sep 2022

Google has released Chrome 105.0.5195.102 for Windows, Mac, and Linux to address a high-severity vulnerability (CVE-2022-3075) that is reported to be actively exploited.

The vulnerability is caused by insufficient data validation in Mojo, a collection of runtime libraries that facilitates message passing across arbitrary inter- and intra-process boundaries.

Google Chrome users on Windows, Mac and Linux are advised to install the latest security updates immediately. Users are also encouraged to enable the automatic update function in Chrome to ensure that their software is updated promptly. 

Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.

More information is available here:

https://chromereleases.googleblog.com/2022/09/stable-channel-update-for-desktop.html?m=1