Google Chrome is now much safer with its latest update.
Google recently released a new update for its Chrome web browser, which patched out a single-high-severity security flaw that is allegedly being exploited by cybercriminals in various places.
Google, nevertheless, said it is "aware" of the flaw and how cybercriminals would exploit it with reports in the wild, per Google's Chrome Blog.
Google Chrome 105.0.5195.102 Update Details - What Did It Fix?
Google mentioned in a Chrome blog post that it had released an update that shored up the web browser's vulnerabilities after being made aware of reports about it "in the wild."
According to a report from Bleeping Computer, Google Chrome update 105.0.5195.102 is updated solely to prevent cybercriminals and hackers from exploiting the vulnerability called CVE-2022-3075.
CVE-2022-3075 is a high severity vulnerability created by insufficient data validation in Mojo, which is a collection of runtime libraries that facilitates message passing across arbitrary inter- and intra- process boundaries.
Google mentioned that an anonymous source reported the vulnerability on Aug. 30, 2022. Google's security team normally uses AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL to detect vulnerabilities in Chrome.
Unfortunately, the search giant did not include any exploitation detail in its blog post despite being aware of the flaw and at least one method to exploit it in the wild.
Read More: Meta is Canceling Facebook 'Neighborhoods' Even Before it Rolls Out to Most Users
A quick search on Tenable and CVE also did not provide any detail about how cybercriminals and hackers use Chrome's vulnerability to their advantage.
However, Google did state that details and links about the vulnerability may be kept restricted until a majority of users have the fix provided by its latest update.
The company will also retain restrictions if the bug exists in a third party that other projects similarly depend on, but haven't yet fixed.
Google is probably delaying the release of the vulnerability's exploitation details to provide Chrome users with enough time to update and prevent exploitation attempts until more threat actors create their own exploits to deploy in attacks.
How To Release Google Chrome Patch 105.0.5195.102
Google Chrome's Patch 105.0.5195.102 is available in the Stable Desktop Channel, with the company expecting that Chrome's entire user base will receive it within days or weeks of its release.
Google Chrome users who wish to update their web browser manually can follow these instructions to do so from Google's Support Page:
- Open Google Chrome and click on the "More" icon at the top right corner of the screen.
- Click on "Help" and then "About Google Chrome." Doing so will open Chrome's settings window on "About Chrome."
- Click on "Update Google Chrome." This button will not be present if your web browser is already on the latest version.
- Click "Relaunch" to open Chrome again in its updated state.
Google Chrome normally downloads updates in the background whenever you close and reopen it.
Related Article: Google PlayStore To Accept Alternate Payment Systems in More Countries
