High CVE-2022-0604: Heap buffer overflow in Tab Groups.High CVE-2022-0603: Use after free in File Manager.“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” Google added.īelow is the list of the other flaws addressed by Google with the latest release of its browser: The IT giant also avoided disclosing info regarding the attack in the wild exploiting the flaw. Google did not disclose technical details for the CVE-2022-0609 to avoid massive exploitation of the bug. Users could update their browser manually by visiting the entry Chrome menu > Help > About Google Chrome. The emergency patches will be rolled out in the next weeks. “Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild.” Reported by Adam Weidemann and Clément Lecigne of Google’s Threat Analysis Group on ” reads the security advisory published by Google.
So, fire that browser up and ensure you are protected by heading for the 'Help and feedback|About Microsoft Edge' entry in the three-dot menu top right.The zero-day is a use after free issue that resides in Animation, the bug was reported by Adam Weidemann and Clément Lecigne of Google’s Threat Analysis Group. Like Chrome, Edge also updates automatically but requires the same restart to be appropriately activated. That's the zero-day that has already been confirmed as exploited by cyber-criminals. According to Microsoft, version 1.49 contains a fix for CVE-2022-2294. So, I'm very pleased to be able to update this article with the news that Microsoft has already rolled out an update for Edge users. MORE FROM FORBES Microsoft Downplays 'High-Risk' Edge Security Warning For 150 Million Users By Davey Winder A delay of 24 or 48 hours isn't unusual and sometimes has been much longer, and that's time enough for someone to potentially step through that open threat window. I have been relatively vocal in the recent past that these critical updates take far too long to arrive with Edge users. Microsoft Edge is the biggest of these by user number. The same advice applies to users of other web browsers that use the Chromium engine under the hood. Restarting your browser will activate that protection or kickstart a download if not already waiting to be installed. If you tend to keep a desktop browser open for days or weeks on end without shutting down your computer, this doesn't mean an automatic update will actually be protecting you. Hopefully, your copy of Google Chrome for both Windows and Android should have been updated by now. Remember that you will not be protected until you restart your browser. You can do this by heading for the Help|About option in the Chrome menu, forcing an update check, and automatically downloading and installing it as required. Windows users are advised to install the Chrome update as a matter of some urgency. Windows users of Chrome need to update right now Davey Winder
0 kommentar(er)
