Google patches critical vulnerability in Chrome

Google patches critical vulnerability in Chrome
Google patches critical vulnerability in Chrome

Google is working on an update for a critical Chrome vulnerability that is being actively exploited by hackers.

Google confirms in a blog post that the vulnerability is present in Chrome for Windows, Mac and Linux. The tech giant is working on a solution. Google expects to roll out the patch in the coming weeks.

An anonymous cybersecurity researcher reported the vulnerability to Google on August 30. The Common Vulnerability Scoring System ranks the threat as very serious, the second highest risk category. The vulnerability was registered as CVE-2022-3075.

Mojo runtime libraries

Chrome is based on Chromium, an open-source browser backend from Google. The vulnerability is present in Mojo, a set of runtime libraries for Chromium. Developers use runtime libraries to integrate functions into applications without having to build the functions from scratch.

Each Chrome tab runs in a separate process. Mojo is responsible for data transport between Chrome processes.

Data validation

According to Google, the vulnerability is due to a lack of data validation in Mojo. Data validation prevents hackers from entering malicious data into applications. Without data validation, apps are vulnerable to cyber attacks.

The vulnerability is the latest addition to a long line of bugs that Google has been patching since the beginning of the year. In April, the organization released an update for a critical vulnerability in Chrome’s JavaScript engine.

PREV Facebook in court for circumventing iPhone security – News
NEXT OnePlus sister brand Vivo announces second foldable phone on Monday – Tablets and phones – News