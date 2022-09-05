- Advertisement -

is publicly asking users to update as soon as due to a vulnerability that is being actively exploited by malicious actors.

The patched version of Google Chrome is 105.0.5195.102 (at least on Windows), which fixes a serious zero-day security flawtracked as CVE-2022-307, which is insufficient validation in Mojo, a collection of runtime environment libraries used by Chromium.

- Advertisement -

Google has not provided exact information about the security flaw and, moreover, has commented that “access to bug details and links may be restricted until most users have updated with the fix”. This seems to indicate that the company has preferred to reserve the information to avoid paving the way even more for cybercriminals, which suggests that it could be an easy to exploit vulnerability as well as a dangerous one. The bug has been reported by an unidentified researcher who has already been rewarded by the search engine giant.

The lack of information leaves in the air the possibility that Chrome is not the only web browser affected by the vulnerability, so if it has impacted the original project, Chromium (which is widely used as a web browser among Linux users) , it means that Microsoft Edge, Opera, Vivaldi, Brave and other lesser known applications would be affected, so we recommend proceeding to actively check for updates in the following days as a precautionary measure.





- Advertisement -

The version check in Chrome is done from the main menu of the application and going to Help > About Google Chrome. Doing that not only helps you see the version number, but it will also force the update process on Windows and macOS, while on Linux you have to wait for it to arrive as a system update via the Google or Google repository. third parties that are being used, as is the case with Flathub. Google has not mentioned, at least for now, Android.

As we have already said, Google’s lack of transparency around this issue leaves it up in the air whether the origin of the vulnerability is in Chromium or Chrome. If you are in the former, it would be highly recommended to check for updates for the derivative in turn, be it Microsoft Edge, Opera, Brave, Vivaldi, etc.