- 200/2022
- High
Google has released an updated Chrome version (105.0.5195.102) for Windows, Mac, and Linux to fix one vulnerability. The remote attacker could exploit this vulnerability to take control of the affected system and bypass security.
Google released an emergency update for the company’s Chrome web browser. The update addresses a security issue in the browser that is rated high and exploited in the wild. The severity of the addressed vulnerability could allow the remote attacker to bypass security restrictions caused by insufficient data validation in Mojo.
Google Chrome Mojo security bypass (CVE-2022-3075):
- CVSS: 8.8
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: Required
- Consequences: Gain Access
Users of Chromium-based browsers such as Microsoft Edge are also advised to apply the fixes when they become available.
Vulnerabilities
CVE-2022-3075
Mitigations
The enterprise should deploy this patch as soon as the testing phase is completed.