September 4, 2022

Google Chrome 0-Day Vulnerability Exploited in the Wild

Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day.

The updated version is 105.0.5195.102 for Windows, Mac and Linux.

The 0-Day Vulnerability

• CVE-2022-3075, High severity -Insufficient data validation Vulnerability in Mojo.

Successful exploitation of this vulnerability may lead to Remote Code Execution, and potentially – full system compromise.

Affected Products

• Chrome for Desktop prior to version  105.0.5195.102.
• Since the vulnerability affects all unpatched Chromium based browsers, new updates should be monitored in browsers such as Opera, Firefox, and Edge.

Mitigation

CYREBRO recommends updating browsers to the latest Chrome version, 105.0.5195.102 for Windows, Mac and Linux.

References: Google Chrome Advisory