On Friday, Google announced the release of a new version of its Chrome browser that includes a security fix for a zero-day tracked as CVE-2022-3075. As with previous announcements, technical details about the vulnerability wonβt be released until a certain number of Chrome users have already applied the patch.
Google is urging its Windows, Mac, and Linux users to update Chrome to version** 105.0.5195.102**.
CVE-2022-3075 is described as an β[i]nsufficient data validation in Mojoβ. According to Chromium documents, Mojo is "a collection of runtime libraries" that facilitates interfacing standard, low-level interprocess communication (IPC) primitives. Mojo provides a platform-agnostic abstraction of these primitives, which comprise most of Chromeβs code.
An anonymous security researcher is credited for discovering and reporting the flaw.
CVE-2022-3075 is the sixth zero-day Chrome vulnerability Google had to address. The previous ones were:
Google Chrome needs minimum oversight as it updates automatically. However, if youβre in the habit of not closing your browser or have extensions that may hinder Chrome from automatically doing this, please check your browser every now and then.
Once Chrome notifies you of an available update, donβt hesitate to download it. The patch is applied once you relaunch the browser.
Stay safe!