Google Releases Patch for Chrome CVE-2022-2294 Exploit

Google Chrome has released a new patch to address the threat of CVE-2022-2294.

Google was quick to detect the high-severity zero-day vulnerability inside of Chrome’s system.

This Google vulnerability has unfortunately been exploited by malicious actors. The newly released patch will be the fourth Chrome zero-day patch released by Google this year.

Google released the 103.0.5060.114 version, which is now available in the Stable Desktop channel worldwide.

The company states that it estimated that it would take days or weeks to reach the whole user base.

Google Chrome Vulnerability

Google has released security fixes to address a high-severity zero-day vulnerability in its Chrome web browser.

Google stated that the current vulnerability in the wild was being exploited by malicious actors.

CVE-2022-2294 is a high-severity heap-based buffer overflow vulnerability in the WebRTC (Web Real-Time Communications) component.

The consequences of successful heap overflow exploitation can range from program crashes to unfettered code execution, as well as bypassing security solutions if code execution is gained during the attack.

When the overflow happens, this has the ability to breach a user’s privacy since it allows real-time video and audio communication from the browser without the need to install plugins or download native apps.

According to The Hacker News, Heap buffer overflow happens when data is overwritten in the memory’s heap area, leading to a denial-of-service (DoS) condition.

This is also commonly called “heap smashing” or “heap overruns.” Even though people have the perception that it will only affect PCs, it is worth noting that this bug also affects Google Chrome on Android devices.

Google stated that the CVE-2022-2294 vulnerability was reported to them by a researcher from the Avast Threat Intelligence team, Jan Vojtesek.

Vojtesek is credited for reporting and discovering the vulnerability on July 1, 2022.

The customary practice when detecting a bug in the wild is to keep the information, details, and links regarding the vulnerability restricted for the meantime.

Google is following exactly the same protocol, waiting and giving the majority of users ample time to deploy the update on their devices. This is also to minimize and avoid further abuse in the wild.

Google Chrome Zero-Day Vulnerability

CVE-2022-2294 is Google’s fourth zero-day vulnerability since the year started. According to BleepingComputer, there were three other vulnerabilities detected in Chrome before this update.

The first vulnerability was CVE-2022-0609, which was detected on February 14. The vulnerability, CVE-2022-0609, was exploited by North Korean-backed state hackers weeks before the February patch.

The second vulnerability in Google Chrome was detected on March 25, CVE-2022-1096. This vulnerability in the Chrome V8 JavaScript engine has a high severity level and affects type misunderstanding.

The third one was CVE-2022-1364, which was detected on April 14. This vulnerability is a type confusion weakness in Chrome V8 JavaScript engine which was also a high severity bug.

To prevent exploitation, users are advised to install today’s current Google Chrome update since this zero-day vulnerability is of high severity.

To protect themselves from any potential danger, users are strongly encouraged to update to version 103.0.5060.114 for Windows, macOS, and Linux, and to version 103.0.5060.71 for Android.

In addition, Opera, Brave, Vivaldi, and Microsoft Edge users are also encouraged to apply the changes as soon as they are made available to them.

NEWS RELATED

YouTube to Add Watermarks to Shorts Videos When They’re Downloaded

The Google-owned video platform is making it harder for creators to cross-post the same content to TikTok. The California-based video sharing platform is fully aware that content creators are posting their YouTube Shorts to TikTok and now, the Google-owned company is placing a watermark on those videos. In an ...

View more: YouTube to Add Watermarks to Shorts Videos When They’re Downloaded

Google’s Groovy Venice Campus Hit By Large Covid Outbreak

Google’s Frank Ghery-designed digs in Venice Kevork Djansezian/Getty Images) Even as daily Covid case numbers fall in Los Angeles, there has been a rash of infections at one of the city’s glitziest addresses: 321 Hampton Dr in Venice. That’s the location of Google’s Silicon Beach campus. The compound was, ...

View more: Google’s Groovy Venice Campus Hit By Large Covid Outbreak

Bolsonaro é grosseiro com assessor horas após confusão com youtuber e gritos com equipe

BRASÍLIA, DF (FOLHAPRESS) – O presidente Jair Bolsonaro (PL) tratou com grosseria um assessor, nesta quinta-feira (18), durante a live que costuma transmitir semanalmente nas redes sociais. Isso ocorreu no mesmo dia em que o mandatário tentou arrancar o celular da mão de um youtuber e, mais tarde, gritou com ...

View more: Bolsonaro é grosseiro com assessor horas após confusão com youtuber e gritos com equipe

Google Cloud blocks largest HTTPS DDoS attack ever

Vendor claims Cloud Armor protected a customer from a HTTPS DDoS attack that peaked at 46 million requests per second with links to the Mēris attack family.

View more: Google Cloud blocks largest HTTPS DDoS attack ever

El encontronazo de Jair Bolsonaro con el youtuber Wilker Leão

El presidente de Brasil, Jair Bolsonaro, ha tenido un polémico enfrentamiento este jueves cuando ha agarrado a un youtuber que se manifestaba contra su Gobierno afuera de la residencia oficial en Brasilia. El youtuber Wilker Leão se ha aproximado a cuestionar al presidente, llamándolo “cobarde”, entre otros insultos. Minutos ...

View more: El encontronazo de Jair Bolsonaro con el youtuber Wilker Leão

India can be top country for app creation: Google Play’s Aditya Swamy

ETtechIndia has always been a top country when it comes to app downloads but very soon it could become the number one country from an app development point of view, Aditya Swamy, director, play partnerships, at Google Play, has said.As Google Play completes a decade in India, the country is ...

View more: India can be top country for app creation: Google Play’s Aditya Swamy

Bolsonaro forcejeó con un youtuber que lo insultó a la salida de la residencia presidencial

Bolsonaro forcejeó con un youtuber que lo insultó a la salida de la residencia presidencial El presidente de Brasil, Jair Bolsonaro, forcejeó este jueves y quiso quitarle el celular a un youtuber que lo provocó mientras se filmaba a la salida del Palacio de la Alvorada, la residencia presidencial. ...

View more: Bolsonaro forcejeó con un youtuber que lo insultó a la salida de la residencia presidencial

WhatsApp Android beta gets themed icon support

It's the biggest third-party app to support the feature, but I still don't think I'll use it any time soon

View more: WhatsApp Android beta gets themed icon support

Is your iPhone or Android waterproof? Hidden ‘IP code’ can tell you

Bolsonaro tenta arrancar celular de youtuber que o provocou no Alvorada

The best Android 13 beta feature for Pixels is missing in action

5 Rekomendasi Channel YouTube untuk Kamu yang Tertarik dengan Dunia Psikologi

India BANS 8 YouTube channels for carrying horrific content! This is what they were doing; check full list

Former Google executive exposes big tech

Govt blocks 8 YouTube channels for showing ‘fake, anti-India’ content

Android 13 es oficial: ¿cuáles son sus principales novedades y cómo tener la actualización?

Dozens more shape-shifting malicious Android apps discovered

YouTube: el mundo a través de un niño sordo y uno ciego

Intolerante a críticas, Bolsonaro vulgariza a presidência em vídeo com youtuber | Kennedy Alencar

Wilker Leão: Quem é o youtuber que chamou Bolsonaro de 'tchutchuca do centrão'

OTHER NEWS