Researchers at Google revealed a high-severity attack has been targeting Android and Windows users via Google Chrome.
Reported by a member of the Avast Threat Intelligence team, the high-severity security vulnerability, known technically as “CVE-2022-2294”, could allow malicious actors to exploit your system, or crash it entirely.
While antivirus software is the best way to protect against security threats, it’s equally important to ensure that your software is always up to date so that when new patches are released, your team doesn't have to wait.
What Is a Buffer Overflow Vulnerability?
There are two types of buffer overflows: stack and heap. Stack overflows corrupt memory on the stack, whereas heap overflows affect the heap, an area of memory that an application allocates while it runs, causing data to spill into adjacent storage.
The security vulnerability in question, known catchily as “CVE-2022-2294”, is a high-severity heap-based buffer overflow in Chrome's Real-Time Communications component (WebRTC). This type of vulnerability can corrupt data values in memory addresses and dramatically impact a business's entire system code – opening an entry point for cyber attacks, or causing the system to crash.
While a Chrome update for Windows and Mac will be released to patch the system in the coming days, the severity of this attack would suggest it may be better to update your browser sooner, rather than later.
How to Protect Yourself Now
Our advice is, if you’re using the Chrome App on Windows or Mac, you should update your system as soon as possible. The easiest way to update Google Chrome is to allow it to update automatically, but if you've not closed your browser in a while, or your auto-update isn't switched on (as it should be) it's worth taking a quick look to see if you can update it today.
To update Google Chrome, simply open the browser on your desktop, select the button in the top right of the window, and click More. After that, all you need to do is navigate to the Help button, click About Google Chrome and if there is an update available, you'll have the option to download it.
Once the latest version has been downloaded and your system is patched, simply relaunch the browser to complete the update and then you're set. The version you're looking for should be “103.0.5060.114” or later. If you've any problems, you can also contact the Google helpdesk.
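If you look after more than one machine, the same check can be run over a list of installed versions. The script below is an added example, not part of the original article or any Google tooling: it compares each reported Chrome version with the “103.0.5060.114” minimum given above, field by field as numbers, because a plain text comparison ranks “103.0.5060.53” above “103.0.5060.114”. The hostnames and the inventory rows are constructed for illustration.

```python
# Added example: flag Chrome installs older than the fixed build named in the article.
import re

PATCHED = "103.0.5060.114"  # minimum fixed version, taken from the article


def parse_version(text):
    """Return a 4-tuple of ints from a Chrome version string, or None if malformed."""
    m = re.fullmatch(r"\s*(\d+)\.(\d+)\.(\d+)\.(\d+)\s*", text or "")
    return tuple(int(p) for p in m.groups()) if m else None


def is_patched(version, minimum=PATCHED):
    """True only if version parses and is >= minimum, compared numerically per field."""
    v = parse_version(version)
    return v is not None and v >= parse_version(minimum)


def triage(inventory):
    """Split (host, version) rows into patched, vulnerable and unknown host lists."""
    result = {"patched": [], "vulnerable": [], "unknown": []}
    for host, version in inventory:
        if parse_version(version) is None:
            result["unknown"].append(host)  # unreadable version: check by hand
        elif is_patched(version):
            result["patched"].append(host)
        else:
            result["vulnerable"].append(host)
    return result


# Constructed sample inventory (hostnames and rows are made up for illustration).
SAMPLE = [
    ("ws-01", "103.0.5060.114"),
    ("ws-02", "103.0.5060.53"),  # older build; a text compare would rank it newer
    ("ws-03", "104.0.5112.79"),
    ("ws-04", "102.0.5005.115"),
    ("ws-05", ""),  # agent reported nothing
]

if __name__ == "__main__":
    for status, hosts in triage(SAMPLE).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```

Machines listed under "unknown" should be treated as unpatched until the version is confirmed on the About Google Chrome page.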