New update released to fix 0-day vulnerability

Jul 5, 2022 17:11 GMT

Google has released an emergency security update for Google Chrome, as the company is patching a 0-day vulnerability in the browser.

While not too many specifics have been offered, the vulnerability is already being exploited in the wild, with Google obviously urging its users to install the latest update as soon as possible.

The new version is Chrome 103.0.5060.114, and if you want to install it today, simply check for updates in the browser’s settings page.

According to Google itself, the new browser update resolves three different security vulnerabilities, all of which are rated high severity.

  • High CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01
  • High CVE-2022-2295: Type Confusion in V8. Reported by avaue and Buff3tts at S.S.L. on 2022-06-16
  • High CVE-2022-2296: Use after free in Chrome OS Shell. Reported by Khalil Zhani on 2022-05-19

The first of them is currently exploited in the wild, according to Google.

Google Chrome is currently the world’s number one browser, and needless to say, any potential security vulnerability could therefore affect millions of users.

Depending on the market share analysis, Chrome controls between 65 and 70 percent of the market (counting both desktop and mobile). Microsoft Edge is the second most popular choice on the desktop with a share of approximately 10 percent, though it’s worth keeping in mind that Microsoft’s browser has also switched to the Chromium engine.

At the same time, Microsoft Edge is also pre-loaded with modern versions of Windows, such as Windows 10 and Windows 11, so it’s offered as the default browser to users of Microsoft’s operating system.

The most popular Google Chrome rival on mobile is obviously Safari, as Apple’s application is offered as the default choice on iPhones (as well as on macOS on the desktop).