Google released emergency safety update for the desktop version of the browser Chrome, Eliminating the 8th zero-day vulnerability used in attacks this year.
Vulnerability with a high degree of danger CVE-2022-4135 is an overflow of buffer in a heap in a graphic processor. The disadvantage was discovered by Lesine Clement from the group of threat analysis Google Threat Analysis Group on November 22, 2022.
In her notice, Google wrote that she knows about the existence of exploit for the CVE-2022-4135. Since users need time to apply the update, Google hid the details of vulnerability to prevent its malicious use.
The vulnerability of overflowing the buffer in the heap leads to the fact that the data is recorded in prohibited places without verification. Cybercriminals can use the overflow of the buffer of the heap to rewrite the application of the application, which leads to free access to information or execution of arbitrary code.
Chrome users are recommended to be updated to version 107.0.5304.121/122 for Windows and 107.0.5304.122 for Mac and Linux, which eliminates CVE-2022-4135.