2022 is not being a year that Google can boast about in terms of security. In addition to the typical errors and security flaws that appear in all programs, this year Chrome users have had to face several critical zero-day flaws, security problems that were being exploited on the network. Thus, Google has been forced to launch several emergency updates for its browser in order to mitigate the impact of these zero-day bugs. And the eighth of these critical updates arrives today.
A few hours ago, Google surprised users with a new emergency update to Google Chrome. This new patch is focused, especially, on fixing a new critical zero-day bug that was starting to cause chaos among users who used this browser when they went out on the Internet.
The judgment in question has been registered as CVE-2022-4135, and it is a GPU Buffer Overflow failure. This vulnerability has been discovered by one of the Google analysts after analyzing some logs collected by the browser. As the company claims, this vulnerability was already known by various groups of hackers, and they have been using it to take control of system memory and alter the operation of other processes running on the PC. It can also be used for remote code execution with permissions in system memory.
At the moment, for security reasons, Google has not revealed more technical information about the vulnerability, although it will do so as soon as most Chrome users update the browser. The company ensures that this vulnerability is also present in other similar projects (that is, other Chromium-based browsers), so it will be aware of its evolution before revealing information about this security flaw.
How to stay safe with Chrome
If we want to prevent our PC from being in danger, what we have to do is make sure that we have the latest available version installed, the one that corrects this eighth critical security flaw. Chrome, normally, updates automatically, so we shouldn’t worry about anything. But, if we want to make sure, we only have to open the Chrome menu, and go to the Help> Information section of Google Chrome.
In the browser it should appear that we have version 107.0.5304.122 (or any later) installed in both Windows and macOS or Linux. Otherwise, we may be in danger. If we already have this version installed, we don’t have to worry, since the vulnerability will be fixed, in addition to the other 7 critical bugs that have been fixed throughout this year:
- CVE-2022-0609 (February)
- CVE-2022-1096 (March)
- CVE-2022-1364 (April)
- CVE-2022-2294 (July)
- CVE-2022-2856 (August)
- CVE-2022-3075 (September)
- CVE-2022-3723 (October)
If we do not have the browser, and we are going to use it, when we install Chrome from scratch we will already be in this new version, so we will be able to browse safely and privately with Chrome without any problem.