[German]Google has released the Google Chrome 105.0.5195.102 update for Linux ,macOS and Windows on September 2, 2022 (before the long US Labor Day weekend). It is an emergency update to close a security vulnerability that is rated as high. This is already being exploited.
Advertising
Google Chrome 105.0.5195.102
The relevant entry for Chrome 104.0.5112.102 in the stable channel can be found on the Google blog. This update fixes the following vulnerability.
[$TBD][1358134] High CVE-2022-3075: Insufficient data validation in Mojo. Reported by Anonymous on 2022-08-30
An anonymous user reported the vulnerability, and it was rated High by Google. However, Google does not give any further explanation of what is going on. The vulnerability is caused by insufficient data validation in Mojo. The colleagues at Bleeping Computer explain here, that Mojo is a collection of runtime libraries that allows message passing across arbitrary inter- and intra-process boundaries.
Google is aware that the vulnerability is already being exploited in the wild. The Chrome version for Windows will be rolled out to systems via the automatic update feature in the next few days. One can (and in this case should) also update the browser manually (via the menu and the About Google Chrome command). The latest build of the Chrome browser can also be downloaded here.
