A Zero-day venerability is a weakness in a system or app that has been discovered by the Attacker/Hacker though it is still unknown to the developer so is called Zero-day because once the hacker detects the vulnerability the developer/software company essential has zero-day to fix the vulnerability before it gets exploited. The high-security flaw is being tracked as CVE-2022-4135; it’s a heap buffer overflow in GPU, which was discovered by Clement Lecigne of Google Threat Analysis Group. Well, for those who don’t know – Heap buffer overflow is a memory vulnerability that results in data being overwritten to a barred location without check. In a notice update, the search engine giant said that it is aware that the vulnerability exists in the wild. Also, as users need time to apply the security update to their Chrome browsers, the company has refused to give details about the vulnerability to prevent its malicious exploitation further! Read: Fake MSI Afterburner Portal Targets Windows Gamers for Mining Crypto Access to bug details and links may be kept restricted until a majority of users are updated with a fix, and we will also retain restrictions if the bug exists in a third-party library that other project similarly depends on but haven’t fixed it yet. said the company hackers may use heap buffer overflow to overwrite an application’s memory to exploit its execution path, which results in unrestricted information access to arbitrary code execution. Google Chrome users are recommended to upgrade to version 107.0.5304.121 for Windows and 107.0.5304.122 for Mac and Linux; this addresses the CVE-2022-4135 vulnerability. So to update your Chrome browser to the latest version, go to Settings & then About Google and now all you gotta do is wait for the latest update to finish > Restart Google Chrome. Google Chrome update 107.0.5304.121 and 107.0.5304.122 fixes this eighth exploit, a Zero-day vulnerability These are Zero days vulnerability Google faced this year.
CVE-2022-0609 – Febuary 14th CVE-2022-1096 – March 25th CVE-2022-1364 – April 14th CVE-2022-2294 – July 4th CVE-2022-2856 – August 17th CVE-2022-3075 – September 2nd CVE-2022-3723- October 28th
Moreover, these vulnerabilities are exploited by sophisticated hackers who use them for highly targeted attacks. Thereby, all Google Chrome users are firmly advised to update their to update Chrome browser to stop the possible exploit. Read: Mirai RapperBot Malware Attacking Online Game Servers with DDoS