A vulnerability in the Chrome web browser was being exploited in the wild, which forced Google to issue emergency fixes to address the security concern.
The patch concerned applies to this recently discovered zero-day vulnerability:
CVE-2022-3075 – This regards insufficient data validation in Mojo, which concerns a series of runtime libraries that provide specific design attributes and philosophies for inter-process communication. Google announced it was aware of the flaw after an anonymous researcher was credited with reporting it a few days earlier.
This update is the sixth zero-day vulnerability in Chrome that Google has resolved since the start of 2022 –
· CVE-2022-0609 – Use-after-free in Animation
· CVE-2022-1096 – Type confusion in V8
· CVE-2022-1364 – Type confusion in V8
· CVE-2022-2294 – Heap buffer overflow in WebRTC
· CVE-2022-2856 – Insufficient validation of untrusted input in Intents
It is recommended that Windows, macOS and Linux users update to version 105.0.5195.102 to mitigate against any potential threats. To maintain and improve the security of your devices and networks, users must keep up to date with the latest patches and updates available.