2022 is not being a year that Google can boast about in terms of security. In addition to the typical errors and security flaws that appear in all programs, this year Chrome users have had to face several critical zero-day bugs, security problems that were being exploited on the network. Thus, Google has been forced to launch various emergency updates for your browser in order to mitigate the impact of these zero-day failures. And the eighth of these critical updates arrives today.
A few hours ago, Google surprised users with a new emergency update to Google Chrome. This new patch is focused, especially, on fix a new zero-day critical bug which was starting to cause chaos among the users who used this browser when they went out on the Internet.
The judgment in question has been registered as CVE-2022-4135 , and it is a GPU Buffer Overflow failure. This vulnerability has been discovered by one of the Google analysts after analyzing some logs collected by the browser. As the company claims, this vulnerability was already known by various groups of hackers, and they have been using it to take control of system memory and alter the operation of other processes running on the PC. It can also be used for remote code execution with permissions in system memory.
At the moment, for security reasons, Google has not revealed more technical information about the vulnerability, although it will do so as soon as most Chrome users update the browser. The company ensures that this vulnerability is also present in other similar projects (that is, other Chromium-based browsers), so it will be aware of its evolution before revealing information about this security flaw.
How to stay safe with Chrome
If we want to prevent our PC from being in danger, what we have to do is make sure that we have the latest available version installed, the one that corrects this eighth critical security flaw. Chrome, normally, updates automatically, so we shouldn’t worry about anything. But, if we want to make sure, we only have to open the Chrome menu, and go to the section Help > About Google Chrome.
In the browser it has to appear that we have installed version 107.0.5304.122 (or any later) on both Windows and macOS or Linux. Otherwise, we may be in danger. If we already have this version installed, we don’t have to worry, since the vulnerability will be fixed, in addition to the other 7 critical bugs that have been fixed throughout this year:
- CVE-2022-0609 (February)
- CVE-2022-1096 (March)
- CVE-2022-1364 (April)
- CVE-2022-2294 (July)
- CVE-2022-2856 (August)
- CVE-2022-3075 (September)
- CVE-2022-3723 (October)
If we do not have the browser, and we are going to use it, when we install Chrome from scratch we will already be in this new version, so we will be able to browse safely and privately with Chrome without any problem.