The most recent Google Chrome update fixed a total of 10 security flaws, some of which might have allowed remote attackers to destroy your computer.
Ten security flaws, some of which might allow remote attackers to crash susceptible computers, have been fixed in Google's Chrome browser for Windows, Mac, and Linux.
While the firm is presently reserving full details about many of the issues until the majority of users have applied the upgrades, which are scheduled to deploy over the following days and weeks, Google has listed some of the improvements in a Google Chrome release update.
The most recent Google Chrome update contains ten security upgrades in total, all of which, barring special circumstances, are also applicable to Google Chrome on mobile devices. Six of the upgrades have been given the "high severity" designation. This indicates that the modifications need to be implemented as soon as feasible.
The flaws might theoretically allow a remote attacker to use a specially created HTML page to exploit "heap corruption." The "heap," a portion of reserved computer memory that programs utilize to store varying amounts of data, is affected by the contamination.
When a software alters the heap's perspective, it causes heap corruption. This memory error has the potential to result in a crash.
A related article is Google's hackers: The cybersecurity red squad inside that keeps Google secure.
CVE-2022-3886 is a flaw in Google Chrome's Speech Recognition that may be used to achieve the same result as CVE-2022-3885, a vulnerability in V8, the open-source JavaScript engine built by the Chromium Project for Google Chrome and Chromium web browsers.
A flaw in Web Workers, which Google Chrome uses to run scripts in the background without interfering with the user interface, is CVE-2022-3887. A bug called CVE-2022-3888 in Google Chrome's WebCodecs allows for low-level access to video encoders and decoders.
A type confusion issue in V8 called CVE-2022-3889 causes the software to run incorrect code. Attackers may use any of these flaws to take advantage of heat corruption flaws.
The most recent vulnerability to be publicly published Is CVE-2022-3890, a memory buffer overflow in Crashpad in Google Chrome on Android, which can let a remote attacker carry out a sandbox escape and perhaps provide them elevated access throughout the host environment.
Google, which gave bug bounty payouts ranging from $7,000 to $21,000 to the researchers who found them, stated, "We would also want to thank all security researchers that worked with us during the development cycle to prevent security problems from ever reaching the stable channel."
In order to safeguard computers from potential attacks, users are advised to install the Google Chrome security patch for 107.0.5304.110 for Mac and Linux and 107.0.5304.106/.107 for Windows as soon as it becomes available.