CATEGORIES
home IT/Enterprise Security

Urgent Security Flaw Is Forcing Google Chrome Users To Patch Browsers ASAP

by Mark TysonFriday, August 19, 2022, 01:41 PM EDT
Goolge Chrome security patch
Google has released a Chrome browser update which addresses a zero-day flaw that is currently under active attack. This is the fifth time this year that Google has put Chrome users in a situation where they should act swiftly to apply a patch to a critical security flaw. If you are a Chrome user, please check that you are running 104.0.5112.102/101 for Windows, or 104.0.5112.101 for Mac and Linux. If not, you can nudge Chrome to update immediately by selecting the triple dot menu in the upper-right corner, then Help, then About Google Chrome.

Goolge Chrome security patch update

The latest Chrome update includes not only the headlining security flaw, but 11 critical, high, and medium security fixes in total. The headlining issue is Chrome bug 1345630, which has been tracked as CVE-2022-2856. Until CVE-2022-2856 is patched, it can allow attackers to run arbitrary code on your system. Its almost benign sounding technical description is that it allows “Insufficient validation of untrusted input in Intents,” but do not let your guard down.

Translating the CVE techno-speak to English, ‘Intents’ are a deep linking device used by Google to allow links to open up other apps. Think about links that pop open a video conferencing app, or a torrent app, for example. Google's mechanism in Chrome was too open, and thus open to exploitation. Attackers could craft a form on a web page, and a visitor using an unpatched version of Chrome could then get a dose of malware. However, Google is prudently holding back on most of the details of the flaw, including how it is being exploited in the wild, as the update rolls out to users who might not keep up with the latest tech news. Remember, you can get the update now if you follow our tip in the intro.

Security focused website ThreatPost notes that CVE-2022-2856 is the fifth Chrome vulnerability of 2022, where attackers have been actively seeking to exploit a flaw to reap ill-gotten-gains. The moral of the story is that users should pay particular attention to keeping their web-facing software up to date, and browsers are one of the primary targets of threat actors.
Tags:  Chrome, Google, Zero Day, (nasdaq:goog)
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment