Google Chrome browser reproduces 0-day vulnerability

Google released an update to its Chrome browser on September 2, which included fixes for vulnerabilities in Mac and Windows versions. The Chrome browser version 105.0.5195.102 update has been rolled out, fixing a high-risk security vulnerability that fixes a dangerous 0-day vulnerability, a security flaw that is maliciously exploited immediately after being discovered. This is the sixth 0-day vulnerability the company has patched so far in 2022.

The five previously fixed zero-day vulnerabilities are CVE-2022-0609, CVE-2022-1096, CVE-2022-1364, CVE-2022-2294, and CVE-2022-2856.

An anonymous report claims that the new vulnerability CVE-2022-3075 is caused by insufficient data validation in Mojo. Mojo is a set of runtime libraries that facilitate message passing across arbitrary inter-process and intra-process boundaries.

"Until most users update the fix, access to bug details and links may be restricted," Google said. "We will also retain restrictions if the bug exists in a third-party library that other projects similarly depend on but haven't fixed yet."