Active Exploitation of a Zero-day Vulnerability in Chrome Web Browser

Published on 29 Oct 2022

Updated on 29 Oct 2022

Google has released a security update to address a zero-day vulnerability (CVE-2022-3723) in their Chrome Web Browser. The vulnerability is reportedly being actively exploited.

 

Successful exploitation of the vulnerability could allow attackers to read sensitive information of other applications, crash the applications by accessing memory regions that should not be accessible from the application, or perform remote code execution.

 

Users of the affected product are advised to upgrade to the latest versions immediately. Users are also encouraged to enable the automatic update function in Chrome to ensure that their software is updated promptly.

 

Users of Chromium-based browsers (e.g. Microsoft Edge, Brave, Opera, Vivaldi, etc.) are also advised to apply the fixes as and when they become available.

 

More information is available here:

https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_27.html?m=1

https://www.bleepingcomputer.com/news/security/google-fixes-seventh-chrome-zero-day-exploited-in-attacks-this-year/