Published: September 06, 2022 on our newsletter Security Fraud News & Alerts Newsletter.
Some days are better than others and Google has certainly had some better days than of late. On the heels of at least 5 other zero-day vulnerabilities in 2022 alone, there is another one that requires attention of users. This one is rated as a high-severity security issue and is noted as CVE-2022-307. But you won’t find a lot of information if you try to look it up by the CVE number. Google has stated it isn’t releasing many details until the majority of users are supplied with the patch.
If you use Google Chrome, even occasionally, make sure you updated it when the fix is made available to you. The latest version that includes this patch is 105.0.5195.102. Go to the browser, click Chrome >> About and you can see your version. If it is isn’t this latest one, click the link to update it. Remember that you need to restart your Chrome browser to fully apply this.
What we do know about this vulnerability is 1. It’s related to insufficient data validation in functionality related to some of the runtime libraries, 2. If affects Windows, Mac, and Linux, and 3. It is being exploited by cybercriminals.
What’s a zero-day vulnerability? It means that there is no fix for an issue, but that it is known. It doesn’t always mean it’s being exploited by bad actors, but once it’s known to exist, you can assume someone that isn’t on the up-and-up is going to try to take advantage. So, don’t hesitate to update your devices as soon as you are informed a patch or update is ready.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org