Google Issue Chrome Update to Patch in-wild Zero-Days

Google patch actively exploited zero-day on Chrome

Chrome update

Google released the latest stable version of "Google Chrome" for desktops. v104.0.5112.102/101 for Windows environments and v104.0.5112.101 for Mac/Linux environments will be deployed sequentially. Also, v104.0.5112.102 (Windows) and v104.0.5112.101 (Mac) have been released in the Extended Stable channel.

On this version, Google patched 11 security vulnerabilities where 10 have revealed CVE numbers. Among them, the use after free flaw (CVE-2022-2852) in the "Federated Credential Management API" (FedCM) is rated as the most severe "Critical" and requires attention. In addition, the problem of insufficient validation of untrusted input in intents (CVE-2022-2856, High) has already been confirmed to be exploited and needs to be addressed as soon as possible.

 The breakdown of severity is 1 case of "Critical", 6 cases of "High", and 3 cases of "Medium". In addition, defects found in internal audits and fuzzing have also been fixed.

 "Google Chrome" for desktop is compatible with Windows / Mac / Linux and can be downloaded for free from the company's website. The Windows version supports Windows 7 or later. If it is already installed, it will be updated automatically, but you can also manually update it by accessing the settings screen (chrome://settings/help).

Read Also
Post a Comment