Google Chrome update squashes bug used to attack users By Mobile Malls August 18, 2022 0 632 views Google has patched a high-severity vulnerability for the desktop model of its Chrome browser.The flaw, tracked as CVE-2022-2856, is being actively exploited within the wild, the corporate says, which is why it’s paramount that customers patch their endpoints (opens in new tab) instantly. As is widespread, Google doesn’t need to say a lot in regards to the flaw, till the vast majority of Chrome cases have been patched. What it did say, although, is that that is an improper enter validation bug, additional described as “inadequate validation of untrusted enter in Intents.”Patching up holesThe repair got here as half of a bigger replace, overlaying a complete of 11 vulnerabilities. Moreover CVE-2022-2856, Google mounted these flaws, as nicely:CVE-2022-2852 (crucial): Use after free in FedCMCVE-2022-2854 (excessive): Use after free in SwiftShaderCVE-2022-2855 (excessive): Use after free in ANGLECVE-2022-2857 (excessive): Use after free in BlinkCVE-2022-2858 (excessive): Use after free in Signal-In Movement.CVE-2022-2853 (excessive): Heap buffer overflow in DownloadsCVE-2022-2859 (medium): Use after free in Chrome OS ShellCVE-2022-2860 (medium): Inadequate coverage enforcement in CookiesCVE-2022-2861 (medium): Inappropriate implementation in Extensions APIAs per a report on The Register, Google paid out no less than $29,000 to bounty hunters who discovered and disclosed these vulnerabilities. The best payout, of $7,000, went to researchers who discovered CVE-2022-2854 and CVE-2022-2855. Final yr, the corporate paid out nearly $9 million for quite a few bug disclosures.Being the world’s primary browser, Chrome can also be the largest goal, with numerous menace actors racing to seek out new zero-day vulnerabilities. Lower than two months in the past, Google mounted one such vulnerability for the Home windows model, that was allegedly being exploited within the wild.The high-severity bug, tracked as CVE-2022-2294, is a heap-based buffer overflow weak point.Here is the rundown of the most effective firewalls (opens in new tab) roundBy way of: The Register (opens in new tab)Share this:Click to share on Twitter (Opens in new window)Click to share on Facebook (Opens in new window)MoreClick to print (Opens in new window)Click to email a link to a friend (Opens in new window)Click to share on Reddit (Opens in new window)Click to share on LinkedIn (Opens in new window)Click to share on Tumblr (Opens in new window)Click to share on Pinterest (Opens in new window)Click to share on Pocket (Opens in new window)Click to share on Telegram (Opens in new window)Click to share on WhatsApp (Opens in new window)