Here’s how to upgrade Chrome after Google patches, a high-risk problem that hackers are actively exploiting. With the latest Chrome release, Google has patched 11 high-risk vulnerabilities. External researchers discovered eight of them. In the wild, one of these is being actively exploited.
Google has begun rolling out a new version of Chrome for Windows, macOS, and Linux devices, and all users are recommended to upgrade Chrome. The emergency update includes a vital remedy for a newly discovered high-risk zero-day vulnerability that affects all Chrome browsers and is already being actively exploited.
Google revealed the update in a recent post, including a list of all the changes it includes. According to Google’s blog, Chrome’s stable channel for Windows, Mac, and Linux has been updated to 98.0.4758.102. According to the business, it will be given out to users over the next few days and weeks. In addition, Google will release a 98.0.4758.102 upgrade to the expanded stable channel for Windows and Mac.
The update delivers 11 crucial security fixes to Chrome, according to Google. It also includes contributions from outside cyber security researchers. Researchers from outside Chrome’s team discovered a total of eight flaws. All of the issues were judged to be critical and had a high CVE (Common Vulnerabilities and Exposures) score on Google’s scale, ranging from CVE-2022-0603 to 0610.
Google also confirmed in its blog that a CVE-2022-0609 attack is in the wild, implying that cyber attackers are constantly exploiting the security flaw online to get access to systems. Chrome users are encouraged to upgrade Chrome as soon as the updated version becomes available.
This is another reason that Google has withheld information about the defect and its fix for the time being. It has kept access to issue data and links “limited until a majority of users are updated with a remedy,” according to its blog. It also adds that “if the defect exists in a third-party library that other projects similarly rely on but haven’t yet resolved,” it will “retain restrictions.”
CVE-2022-0609 appears to be a Use-After-Free (UAF) vulnerability, as do most of the other problems corrected in the update. This security flaw is caused by erroneous dynamic memory allocation during program execution. A hacker can utilize the pointer to execute its command set within the newly vacant region if the memory location is cleared, but the pointer to it remains.
To upgrade Chrome, users can check for new updates by selecting “Settings” from the three-dot drop-down menu in the top-right corner of their browser. They may see their Chrome version in the About Chrome area of the Settings page and update it to the most recent version available.