November 27, 2022

Google Chrome 0-Day Vulnerability Exploited in the Wild

Google has released an emergency update for Chrome, addressing an actively exploited Zero-Day vulnerability.

The updated version is 107.0.5304.121/.122 for Windows, Mac and Linux.

Google has not shared further information regarding the Zero-Day details and exploitation, however such vulnerabilities typically allow attackers to create unusually powerful exploits which may result in remote code execution and data loss.

The Vulnerability

• CVE-2022-4135, High-severity- and is a heap buffer overflow in GPU.

Affected Products

Chrome for Desktop prior to version 107.0.5304.121

Mitigation

CYREBRO recommends updating browsers to the latest Chrome version, 107.0.5304.121 for Mac and Linux, and 107.0.5304.121/.122 for Windows.

References: Google Advisory