[ad_1]
Google has launched an emergency safety replace for the desktop model of the Chrome net browser, addressing the eighth zero-day vulnerability exploited in assaults this 12 months.
The high-severity flaw is tracked as CVE-2022-4135 and is a heap buffer overflow in GPU, found by Clement Lecigne of Google’s Menace Evaluation Group on November 22, 2022.
“Google is conscious that an exploit for CVE-2022-4135 exists within the wild,” reads the replace discover.
As customers want time to use the safety replace on their Chrome installations, Google has withheld particulars concerning the vulnerability to forestall increasing its malicious exploitation.
Basically, heap buffer overflow is a reminiscence vulnerability leading to knowledge being written to forbidden (often adjoining) places with out examine.
Attackers might use heap buffer overflow to overwrite an software’s reminiscence to control its execution path, leading to unrestricted info entry or arbitrary code execution.
Chrome customers are advisable to improve to model 107.0.5304.121/122 for Home windows and 107.0.5304.122 for Mac and Linux, which addresses CVE-2022-4135.
To replace Chrome, head to Settings → About Chrome → Await the obtain of the newest model to complete → Restart this system.
[ad_2]
Source link
