Η Google κυκλοφόρησε μια νέα ενημέρωση του Chrome στην έκδοση 105.0.5195.102 για Appliances with Linux, macOS and Windows στις 2 Σεπτεμβρίου 2022. Πρόκειται για μια έκτακτη ενημέρωση για το κλείσιμο μιας vulnerabilitys that has been assessed as high severity.
In fact, an exploit is already circulating.
The relevant entry for Chrome 105.0.5195.102 in the fixed channel bit's on the Google blog. This update fixes the following vulnerability.
[$TBD][1358134] Υψηλό CVE-2022-3075: Ανεπαρκής επικύρωση δεδομένων στο Mojo. Αναφέρθηκε από Anonymous στις 30-08-2022
An anonymous user reported the vulnerability which was rated High by Google. However, Google doesn't give any further explanation of what's going on.
The vulnerability is reportedly caused by insufficient data validation in Mojo. Mojo is a collection of runtime libraries that allows message passing across irregular boundaries between and within processes.
Google is aware that an exploit for the vulnerability is already in circulation. The Windows version of Chrome will be rolling out to systems via the auto-update feature in the coming days. Of course you can (and should) directly update the browser manually (via the About Google Chrome menu). You can also download the latest version of the Chrome browser from here.
