Google Issues Urgent Chrome Update Warning for Mac and PC Users

There’s another zero-day exploit for Chrome, and Google has released a security update to address the flaw that is currently being exploited.

The update — 107.0.5304.121 for Windows, Mac, and Linux — will be released in the coming days or weeks.

Is that correct? Am I vulnerable if I don’t have Chrome installed? Wait, what? Is there anything I can do to stay secure if I don’t have Chrome installed?

Fear not, there are three key things you need to know:

1) Google has released a patch to address a previously unknown vulnerability in Chrome.

2) Microsoft plans to release the 107.0.5304.121 update for Windows, Mac, and Linux in the coming days or weeks.

3) An attacker could escape the Chrome sandbox using a specially crafted HTML page with a heap buffer overflow, as noted in CVE-2022-4135 in the database of security bugs and vulnerabilities.

Google says on its Chrome releases page that it is aware of reports that an exploit for the vulnerability is already in use.

Pressing Command-Q to quit the Google Chrome browser, Mac users can keep the browser updated automatically. If the browser has not been closed in a long time, a button in the upper-right corner of the app will say ‘Update.’

You can click the “More” icon in the Chrome browser’s upper-right corner and then select Help, followed by About Google Chrome and Update Google Chrome if it is present.

According to a report published on October 5, Chrome was the most vulnerable browser in 2022, with 303 security issues. It’s been a rough year for Chrome security.

The company patched its seventh zero-day exploit in Chrome at the end of October. Because it’s a popular browser, attackers are interested in exploiting vulnerabilities.