Google releases major security update for Chrome

Google released a security update for its Chrome web browser a moment ago that addresses a major security issue in the browser. The update is available already, but Chrome users

may want to speed up the installation to protect their devices and data. Google notes that malicious actors exploit the issue on the Internet already. The security update is

available for desktop operating systems and for Android. Chrome 108: how to update Chrome users may want to open Menu > Help > About Chrome in the browser to display the

current version. Chrome runs a check for updates automatically when that page opens. Any update found will be installed automatically. The following versions should be displayed

after the update installation: Chrome for Windows: 108.0.5359.94 or 108.0.5359.95Chrome for Mac or Linux: 108.0.5359.94Extended Stable channel for Mac and Windows:

108.0.5359.94Chrome for Android: 108.0.5359.79 Just compare the listed version with the version that Chrome reports when you open the about page. Updating requires a restart of the

web browser to complete the installation process. Chrome 108: the security issue Google’s release post on the official Chrome Releases blog reveals some information on the fixed

issue. The most important information conveyed is that the issue is exploited in the wild. “Google is aware that an exploit for CVE-2022-4262 exists in the wild.” In other

words: Google is aware of attacks that target the security issue. The company does not provide further information, e.g., on the scope of the attacks or where these may be

encountered. Still, in the wild refers to attacks on the Internet that users of the browser may experience. A patched version of Chrome protects against these attacks, while an

unpatched Chrome may be attacked successfully. The security issue has a severity rating of high, which is second only to critical. The CVE record — CVE stands for Common

Vulnerabilities and Exposures — offers additional insights. “Type confusion in V8 in Google Chrome prior to 108.0.5359.94 allowed a remote attacker to potentially exploit heap

corruption via a crafted HTML page. (Chromium security severity: High)” Attacks are carried out using webpages. These need to contain attack code to be executed. It is still

unclear how widespread the issue is based on the description. Summary Chrome users and administrators need to patch the web browser immediately. The update to the latest Chrome 108

version protects the browser against attacks, which are carried out at the time of writing. The new major security update comes just days after the update to Chrome 108; this