Google Chrome has released a security fix with their latest version, Chrome 105.0.5195.102, addressing a zero-day exploit. Without the update installed, all users across Windows, Mac, and Linux will be vulnerable.
If that sounds familiar, it should: This is the sixth time this year that Chrome has issued a major security update to stop a zero-day vulnerability in its tracks. Still, staying secure online doesn't become less important just because we're constantly updating.
The good news here? You'll likely just have to close and re-open Chrome in order to automatically update, so there's no tech know-how required.
Chrome's New Security Tweak
This time, we don't know much about the exploit except that it's termed CVE-2022-3075. “Google is aware of reports that an exploit for CVE-2022-3075 exists in the wild,” the tech giant mentioned in their announcement post.
The Chrome team did let one detail clarify what type of issue they're addressing, however. It's related to “insufficient data validation in Mojo” — Mojo is the collection of runtime libraries that Chromium is based on.
The company explains in the post that they'll keep quiet about the details until most of Chrome's estimated 2.65 billion global users have added the update, which we have to admit does make a lot of sense.
“Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on but haven’t yet fixed.” -Prudhvikumar Bommana, Google Chrome
Chromium is open source, making this an interesting example of the open-source vulnerabilities that Google has recently launched an entire rewards program to order to incentivize coders to sniff out.
Staying Secure Online
Chrome is undeniably the most popular browser available today, and the fact that they've issued six major bug fixes this year is actually a positive development. It indicates that they're not resting on their laurels but instead continue working hard to keep their users' data secured.
Granted, not everyone is happy with Chrome, largely due to their data collection practices. But regardless of which browser you prefer, staying secure online takes a lot more than downloading the newest browser updates.
Other tools that can help you in your battle to avoid leaking your data to bad actors include a good password management service and a VPN to ensure your location remains hidden.