Google has just released its fifth update this year that aims to fix certain zero-day vulnerabilities that have been exploited. The new Google Chrome update is called the CVE-2022-2856.

Google Launches Fifth Chrome Zero-Day Patch Called CVE-2022-2856

The company has just released an announcement recently about the update. The announcement was initially released in the Stable channel of its most popular browser, including a fix for certain exploits that are still widely in play.

Whenever Google spots a major vulnerability out in the wild that needs to be changed, it usually releases an update in order to help its browser, or other tools, catch up with the vulnerabilities. So far, the company has already released four updates prior to the most recent one, which are zero-day patches, the CVE-2022-2856.

Details Regarding the Update Have Not Yet Been Made Available to the Public

According to the story by Ars Technica, the most recent CVE-2022-2856 is a fix that aims to resolve the "insufficient validation of untrusted input in intents." The problem that the Chrome update is fixing is heavily within intents.

As seen on the Google advisory, Intents act as a way for users to pass data from inside Chrome towards yet another application. This includes things like the share button located on the address bar of Chrome.

Only the Chromium Bugs Group Received Access to the Details Regarding the Exploit Specifics

Dark Reading Blog noted that input validation is actually a common weakness that can be found in the code. The people responsible for reporting the exploit were Christian Resell and Ashley Shen, who both come from the Google Threat Analysis Group.

So far, the details are very limited, and the exploit specifics have been hidden behind a wall within the Chromium bugs group. The information is only available to those individuals who are actively trying to work on certain components that have been registered with Chromium.

Read Also: iOS Flaw Prevent VPNs To Function? Experts Concerned by Possible Unknown Insecure Connections

Update will Roll Out Soon but Users can Choose to Manually Start Them in Their Settings

The article by Ars Technica noted that maybe after a certain number of users have started to apply the needed updates, the details might be released to the public. As of press time, however, users won't be able to access what specific exploits Google is fixing with the new update and how they operate.

As per Google, the two updates 104.0.5112.102/101 for Windows and 104.5112.101 for Mac and Linux, are expected to roll out over the course of the upcoming days or weeks. Users, however, will be able to get the update manually by easily going to Chrome's "About" section that can be found in the users' settings.

The publication notes that the newest update will include ten different security fixes. Dark Reading also notes that the newest update will be Chrome's fifth zero-day vulnerability disclosed this year.

Related Article: India's Shipyaari Exposes Thousands of Customer Data, Incident Raises Security Concerns

This article is owned by Tech Times

Written by Urian B.

ⓒ 2024 TECHTIMES.com All rights reserved. Do not reproduce without permission.
Join the Discussion