Google on Friday released emergency fixes to address a vulnerability, tracked as CVE-2022-3075, in the Chrome web browser that is being actively exploited in the wild.
The CVE-2022-3075 flaw is caused by insufficient data validating in Mojo. Mojo is a collection of runtime libraries providing a platform-agnostic abstraction of common IPC primitives, a message IDL format, and a bindings library with code generation for multiple target languages to facilitate convenient message passing across arbitrary inter- and intra-process boundaries.
The vulnerability was reported by an anonymous researcher on August 30, 2022.
“Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild.” reads the advisory published by Google.
An anonymous researcher has been credited with reporting the high-severity flaw on August 30, 2022.
This is the sixth zero-day vulnerability in Chrome that the IT giant addressed in 2022, the previous ones are:
Users should update to version 105.0.5195.102 for Windows, macOS, and Linux.
The issue also affects other Chromium-based browsers, including Microsoft Edge, Brave, and Opera.
Follow me on Twitter: @securityaffairs and Facebook
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, Chrome)
[adrotate banner=”5″]
[adrotate banner=”13″]
Nation-state actor UAT4356 has been exploiting two zero-days in ASA and FTD firewalls since November…
A malware campaign has been exploiting the updating mechanism of the eScan antivirus to distribute…
The Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned four Iranian nationals for their…
A cyber attack on Leicester City Council resulted in certain street lights remaining illuminated all…
The National Police Agency in South Korea warns that North Korea-linked threat actors are targeting…
The U.S. Department of State imposed visa restrictions on 13 individuals allegedly linked to the…
This website uses cookies.