Google Chrome is the world’s most popular browser, but that does not make it invulnerable to serious security threats. In case you missed it over the holiday weekend, Google issued an update for a zero-day vulnerability that hackers are actively exploiting. If you use Chrome on Windows, Mac, or Linux, you should install the update as soon as possible.
CVE-2022-3075, the vulnerability in question, involves “insufficient data validation in Mojo.” As Google explains, Mojo is a collection of runtime libraries used by Chromium, which is the platform on which Chrome is built. The vulnerability was reported by an anonymous source on August 30. Google began rolling out a fix in update 105.0.5195.102 on Friday, September 2. The update should roll out to everyone in the coming weeks.
Google shared the following note about why it isn’t revealing many details yet:
Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.
This is the sixth zero-day bug Chrome users have had to deal with this year. The last one hit less than a month ago and involved multiple vulnerabilities.
How to update your Chrome browser
Chrome doesn’t always apply the latest updates when you open the browser, so if you want to check and see which version you are running, go to Settings and then About Chrome at the bottom of the menu bar on the left side of the screen.
If you are already running the latest version of the browser, then you are good to go. If not, you should begin the process of updating as soon as possible. Once it finishes downloading, click the Relaunch button to finish updating.
More Google coverage: For more Pixel news, visit our Pixel 7 guide.