Google released a Chrome web browser update to address a security issue in the browser that is actively exploited in the wild.
Chrome 100.0.4896.127 has been released for all supported desktop operating systems — Windows, Mac and Linux — to address the issue. The update is being rolled out over time as usual, but Chrome users may speed up the installation in the following way:
- Select Chrome Menu > Help > About Google Chrome, or load chrome://settings/help directly.
The page displays the installed browser version. A check for updates is performed when the page is opened in the browser. Chrome should download and install the update automatically at that point.
The company notes that it is aware of an exploit that is actively used against the vulnerability:
Google is aware that an exploit for CVE-2022-1364 exists in the wild.
Google did not provide specifics; this is common, as companies that release security patches want updates to be rolled out to the majority of users and devices first. The premature release of information could result in the creation of exploits by other malicious actors.
Google released three zero-day vulnerability updates for its Chrome web browser this year. Other Chromium-based web browsers may also be affected by the issue. Security updates for these web browsers will likely be released soon, provided that the issue affects these browsers as well.
Chrome users may want to upgrade their browser as soon as possible to protect it against attacks that target the 0-day vulnerability. Users who use other Chromium-based browsers may want to check for updates or news regularly to make sure their browsers do get patched as well.
Original Source link