Google has released Chrome 105.0.5195.102 for Windows, Mac, and Linux to address a high-severity vulnerability (CVE-2022-3075) that is reported to be actively exploited.
The vulnerability (CVE-2022-3075)is caused by insufficient data validation in Mojo, a collection of runtime libraries that facilitates message passing across arbitrary inter- and intra-process boundaries. A remote user can exploit this vulnerability to trigger security restriction bypass on the targeted system.
High - Security Bypass on Chrome Browser.
CVSS v3 Scoring:
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.7
Google Chrome users on Windows, Mac and Linux are advised to install the latest security updates immediately. Users are also encouraged to enable the automatic update function in Chrome to ensure that their software is updated promptly.
Users of Chromium-based browsers such as Microsoft Edge, Brave, Opera, and Vivaldi are also advised to apply the fixes as and when they become available.