Die 2022-opgedateerde weergawe van Chrome-blaaier om nou nuwe aktief benutte nul-dagfout reg te maak
Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser.
Tracked as CVE-2022-4135, the high-severity vulnerability has been described as a heap buffer overflow in the GPU component. Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with reporting the flaw on November 22, 2022.
Heap-based buffer overflow bugs can be weaponized by threat actors to crash a program or execute arbitrary code, leading to unintended behavior.
“Google is aware that an exploit for CVE-2022-4135 exists in the wild,” the tech giant acknowledged in an advisory.
But like other actively exploited issues, technical specifics have been withheld until a majority of the users are updated with a fix and to prevent further abuse.
With the latest update, Google has resolved eight zero-day vulnerabilities in Chrome since the start of the year –
CVE-2022-0609 – Use-after-free in Animation
CVE-2022-1096 – Type confusion in V8
CVE-2022-1364 – Type confusion in V8
CVE-2022-2294 – Heap buffer overflow in WebRTC
CVE-2022-2856 – Insufficient validation of untrusted input in Intents
CVE-2022-3075 – Insufficient data validation in Mojo
CVE-2022-3723 – Type confusion in V8
Users are recommended to upgrade to version 107.0.5304.121 for macOS and Linux and 107.0.5304.121/.122 for Windows to mitigate potential threats.
Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.
Afrikaans 
English 
हिन्दी 
ગુજરાતી 
தமிழ் 
తెలుగు 
मराठी 
മലയാളം 
বাংলা 
Français de Belgique 
Deutsch (Schweiz) 
Deutsch (Sie) 
Deutsch 
English (Canada) 
English (New Zealand) 
English (UK) 
English (Australia) 
English (South Africa) 
اردو 
العربية 
Русский 
简体中文 
Azərbaycan dili 
অসমীয়া 
Magyar 
Bahasa Indonesia 
Español de Argentina 
Español de Colombia 
日本語 
Italiano 
Tiếng Việt 
Українська 
فارسی 
Français du Canada