Google asks Chrome users to upgrade browser ASAP: Here's why
Google has requested Chrome users on Windows, Linux, and Mac to update the browser and safeguard themselves from a security vulnerability that hackers are exploiting. The update (version 105.0.5195.102) is a fix for the zero-day bug CVE-2022-3075. It will be rolled out to the entire user base within the next few weeks. Notably, this is the sixth zero-day vulnerability faced by Chrome in 2022.
Why does this story matter?
Google has been forced to put out a new Chrome update just days after it released version 105 with 24 security fixes. However, it did not prove to be enough. There are several malicious elements ready to exploit the slightest of vulnerabilities and harm unsuspecting users. The tech giant is just trying to keep the damage to a minimum.
What is the CVE-2022-3075 bug?
The CVE-2022-3075 is a very severe vulnerability caused by insufficient data validation in Mojo: a group of runtime libraries used by Chromium (the codebase Chrome is built on). Mojo ensures the passing of messages across inter- and intra-process boundaries. Google claims that the vulnerability was flagged by an anonymous security researcher. The company is restricting access to bug details and links for now.
What is a zero-day vulnerability?
Zero-day is described as a flaw in software that is unknown to the party or parties responsible for patching/fixing the vulnerability. Since the patch is unavailable, the chances of the attacks succeeding are higher. Prior to CVE-2022-3075, five such vulnerabilities were found and patched this year. They include CVE-2022-0609 in February, CVE-2022-1096 in March, CVE-2022-1364 in April, CVE-2022-2294 in July, and CVE-2022-2856 last month.
How to check for the update?
To ensure that you are using the latest Chrome version, tap the icon with three dots in the top right corner of the screen. Now head to "Help" and then "About Google Chrome." This will lead you to a page that informs you whether the browser is up to date. Once you get the firmware, relaunch the browser to activate it.
