The active zero-day exploit in Chrome needs to be patched now
It was announced on Wednesday that Google is fixing an exploit that exists in the wild in its Chrome browser's Stable channel.Intents are not adequately validated against untrusted input, according to Google's advisory. Intents are usually used to pass data between Chrome and another application.
In Chrome's address bar, there is a share button. The Dark Reading blog noted that input validation is a common coding weakness.At the moment, we only have the information Ashley Shen and Christian Resell from the Google Threat Analysis Group have reported about the exploit.
t is currently restricted to those working on related components and registered with Chromium who have access to details of the exploit. It is possible to reveal those details once a certain percentage of users have applied the relevant updates.
The update will be rolled out over the next few days/weeks for Mac and Linux, and for Windows, it will be available for manual download right now.The update also contains 10 security fixes. This is Chrome's fifth zero-day vulnerability in 2022, according to Dark Reading.