Following are the platforms for which the security update is currently being rolled out:-
- Windows (104.0.5112.102/101)
- Mac (104.0.5112.101)
- Linux (104.0.5112.101)
There should be an automatic update sent out in the coming days or weeks for those users who have automatic updates enabled.
When a large number of Chrome users have installed the security update, Google provides the key technical details about the zero-day vulnerabilities that they have fixed.
CVE-2022-2856 is the latest 0-day vulnerability found that is reportedly posing a high-severity security risk.
- CVE-2022-2856: Insufficient validation of untrusted input in Intents.
Ashley Shen and Christian Resell, two TAG members, discovered and reported this 0-day vulnerability as soon as they became aware of it.
This year’s fifth zero-day vulnerability has been fixed in the latest Chrome update. Here below we have mentioned all the 0-day vulnerabilities found this year:-
- CVE-2022-2294: July 4
- CVE-2022-1364: April 14
- CVE-2022-1096: March 25
- CVE-2022-0609: February 14
A web service or application can be launched directly from a web page by using this browser feature. In software, a lack of input validation can lead to the following outcomes:-
- Pathway to overriding protections
- Exceeding the scope of the intended functionality
- Potentially leading to buffer overflow
- Directory traversal
- SQL injection
- Cross-site scripting
- Null byte injection
Here below, we have mentioned all the other flaws detected and fixed:-
- CVE-2022-2852 (Critical)
- CVE-2022-2854 (High)
- CVE-2022-2855 (High)
- CVE-2022-2857 (High)
- CVE-2022-2858 (High)
- CVE-2022-2853 (High)
- CVE-2022-2859 (Medium)
- CVE-2022-2860 (Medium)
- CVE-2022-2861 (Medium)
Here are the steps you need to follow in order to perform the update right now:-
- Find the settings for your browser by heading to the browser’s menu.
- Select “About Chrome.”
- Now, wait, as the browser will scan for available updates.
To apply the security update to your program, restart the program once the download is complete.
This latest update to Google Chrome fixes a security flaw that has already been exploited by the attackers. Consequently, it is recommended that you update your browser as soon as possible to the most recent version.