Google Chrome zero-day vulnerability has been fixed
In response to a single high-severity zero-day security vulnerability with the name CVE-2022-3075, Google Chrome has received a new update that has been made available. Google stated that it was “aware of reports” that the web browser vulnerability had been exploited “in the wild.” The most recent update will now completely roll out for all Chrome desktop users as part of the Stable Desktop channel. This includes users who are operating Chrome on Macs, Linux, and Windows. Launching Chrome and navigating to “Menu > Help > About Google Chrome” will allow you to determine whether or not you have the most recent update installed.
Google stated that it was not prepared to release any additional information about the vulnerability or how it works just yet. This was presumably meant as a precaution to prevent cyber criminals from attempting to take advantage of the weakness before its user base is fully updated. The search giant did, however, reveal that the vulnerability had been brought to their attention by an unknown security researcher. There have been allegations of extremely significant incidents in which hackers have exploited zero-day vulnerabilities in Google Chrome. These vulnerabilities are known as “zero days.”
According to a report (opens in new tab) published by Google’s Threat Analysis Group (TAG), hackers working for the government of North Korea attempted to carry out state-sponsored cyber assaults by exploiting a zero-day vulnerability in Chrome that allowed remote code execution. According to the claim, it took more than a month before the patch could be downloaded and installed. Since the beginning of 2022, Google has fixed six vulnerabilities in Chrome that were discovered on the same day they were discovered. These vulnerabilities include CVE-2022-0609, CVE-2022-1096, CVE-2022-1364, CVE-2022-2294, and CVE-2022-2856.
It is in the best interest of users of browsers based on Google’s open-source Chromium software, such as Microsoft Edge, Opera, or Samsung Internet, to ensure that their browsers are kept up to date. This type of vulnerability could also affect users of browsers based on Google’s proprietary Chromium software. Unfortunately for customers all across the world, Google Chrome continues to be a popular endpoint for hackers to use when trying to breach people.
Recent research conducted by McAfee found that over 1.4 million users had malicious Google Chrome extensions installed in their browsers. These extensions are designed to modify the cookies of victims whenever those victims visit online retailers in an effort to generate affiliate commissions from the victims’ subsequent purchases.