Google brings an update to Chrome to protect its users from several security flaws

Google has fixed a critical bug that nearly put users of the desktop version of its Chrome search engine at risk. It seems that this flaw, dubbed CVE-2022-2856, has been actively exploited. The company therefore urges users to update their Chrome browser as soon as possible.

Even though Google didn’t give details about the flaw, the company nevertheless explained that it is an incorrect input validation bug. And more precisely “ insufficient validation of untrusted input in intents “, reports Techradar.

Google is still not immune to security breaches

Apparently, this critical flaw wasn’t Google’s only concern as the company rolled out an update intended to fix 11 security flaws, including the aforementioned one. Regarding the other vulnerabilities, one was of critical level, five of high level and three of medium level.

Furthermore, according to a report by The Register, Google paid out at least $29,000, or around €28,700, to people who discovered and disclosed these security flaws, of which $7,000 (around €6,900) went to people who discovered the CVE-2022- 2855 and CVE-2022-2854, high-level bugs. As recently as 2021, Google spent nearly $9 million on numerous security breach disclosures.

Google Chrome in the crosshairs of competing browsers

Being at the top of the most used browsers in the world, Google Chrome is in the crosshairs of its many browsing colleagues. The latter are on the lookout for the slightest flaw in the giant, so that they can finally make room for themselves.

In addition, two months ago, Google patched a Windows security flaw that was allegedly being exploited in the wild. This bug was named CVE-2022-2294 and was allegedly a heap-based buffer overflow weakness.

source