Google has launched an replace for a high-severity zero-day vulnerability, often known as CVE-2022-4135, which impacts its Chrome browser. 

The search big mentioned that an exploit for the vulnerability, detected by the French safety researcher Clement Lecigne, exists within the wild, that means customers might be in danger.

Google mentioned it will not disclose a lot details about the character of the vulnerability  “till a majority of customers are up to date with a repair” and that it “may even retain restrictions if the bug exists in a third-party library that different initiatives equally depend upon, however haven’t but mounted”.

So, what do we all know? 

Google was capable of disclose that the vulnerability was an instance of what is known as a “heap buffer overflow”, quite a lot of buffer overflow the place a buffer that’s weak to overwriting is situated within the “heap” portion of the system’s reminiscence.

Disclosing anymore might “tip off” dangerous actors concerning the vulnerability earlier than the overwhelming majority of Google Chrome’s customers are absolutely patched. 

Customers who need to keep away from the chance of being impacted are suggested to replace to 107.0.5304.121 for Mac and Linux and 107.0.5304.121/.122 for Home windows, that are each units that can roll out over the approaching days and weeks.

Google’s flagship Chrome browser has definitely racked up a secure variety of safety vulnerabilities lately. 

The browser at the moment boasts round 66 % market share based on information from StatCounter (opens in new tab), and has had 303 vulnerabilities unearthed between  January 1, 2022, to October 5, 2022 based on information from 

In distinction, Safari solely had 26 vulnerabilities revealed in the identical time interval, whereas  Microsoft Edge had 103 vulnerabilities,s and Mozilla Firefox got here in second place with 117 vulnerabilities.

This features a zero-day vulnerability known as CVE-2022-3723 uncovered earlier this month, which apparently represented a “Sort Confusion flaw” which impacted Chrome’s V8 JavaScript engine.

As per a report from cybersecurity firm Avertium, the vulnerability might have doubtlessly enabled dangerous actors to dupe Chrome into operating malignant malware.

• Focused on protecting your group secure? Take a look at our information to the perfect endpoint safety