Google Chrome is asking users to update their browsers after the internet giant revealed that hackers are aware of a “zero-day” bug that could give attackers access to your private data.
A zero day bug is a security vulnerability known to hackers before the vendor knows it, and it is already being used by hackers.
While Google says it has fixed 11 security vulnerabilities ranging from medium to critical impact in the latest update, one may still be known to hackers.
“Google is aware that an exploit for CVE-2022-2856 exists in the wild,” according to an Aug. 16 document press release.
CVE-2022-2856 marks the fifth zero-day Google has experienced in 2022, per Forbes.
Since zero-day hacks may not be known to the vendor, there is no patch for the vulnerability.
Google hasn’t shared specific details about the zero-day bug yet, but said in their press release that “access to bug details and links may be restricted until a majority of users are updated with a fix.”
However, they do reveal that it was reported on July 9 by hackers at the Google Threat Analysis Group and described the issue as “Insufficient validation of untrusted inputs in Intents.” Here’s “intentions” how Chrome handles user input, meaning a potential input could interfere with Google’s code.
The day before the vulnerability was reported, Google Chrome shared two tweets about zero-day bugs.
What are zero-day exploits – and how do they work? #Chrome protect you from them?
ICYMI: Watch Security Sheriff Adrian Taylor Explain Why These Bugs Are Top Priority For Chrome’s Security Team → https://t.co/p3QNGQQ7Cz pic.twitter.com/JjUbdW3Pa4
— Chrome (@googlechrome) August 15, 2022
In the video, “Security Sheriff” Adrian Taylor says that “any software can contain bugs, even software built to the highest technical standards like Chrome.” Explaining that “malicious websites” can use bugs to steal your information, he said, “We address every security bug with great urgency, but with even more urgency for zero-day bugs.”
As Chrome gains insight into how attackers use zero-day bugs, we’re getting more sophisticated at discovering and resolving vulnerabilities. Find out how we’re adding even more layers of defense that make it hard for attackers to get around: https://t.co/s61p1Sa1kS
— Chrome (@googlechrome) August 15, 2022
To best protect yourself, it is recommended that you update your Google Chrome browser and app. While it should update automatically, users can check it by going to About Google Chrome in your browser menu, forcing it to check for possible updates.
