If you are a user of Chrome on the desktop, this interests you, since Google warned just a few days ago that in the coming days or weeks will offer the new version number 105.0.5195.102, in which a vulnerability rated with high severity is correctedwhich is currently being actively exploited by attackers.
The company has not given enough information about the vulnerability at the moment, in order to avoid major problems while users of Chrome for Windows, Linux and Mac update their versions to the latest version that is already beginning to be rolled out to everyone.
Immediate upgrade recommended
As known, the vulnerability, qualified as CVE-2022-3075, points to its relation to “Insufficient Data Validation” in Mojo, its library of runtimes used in used by Chromium, the open source version that Chrome and other web browsers are based on, and which was disclosed to Google by an anonymous tipster on August 30.
According to the note offered in the Google post:
Access to bug details and links may be kept restricted until most users are updated with a fix. We will also keep the restrictions if the bug exists in a 3rd party library that other projects similarly depend on, but have not yet been fixed
The company thanks security researchers for their work in addressing the vulnerabilities that have been appearing before reaching the Chrome stable channel.
It is curious that this new version comes after the release of Chrome 105 on August 30, where, among other things, it had 24 security fixes, among which the vulnerability that has now caused the release of an emergency version was not found.
What now remains is to wait for the new version to be deployed in order to have it available as quickly as possible, which in my case is already available.
The steps to follow is to open the menu that is behind the three points available in the upper right, go to the Help option and several options will be displayed inside, having to click on Google Chrome Information.
From there you will be taken to a page where it is verified if there is the latest update to proceed with its download and installation, finishing it by having to restart the browser in order to have the most recent version.