A Dangerous Google Chrome Bug has been discovered

The Google Chrome bug has been discovered: Not only is it dangerous, but hackers are actively using it.

Google issued a fix earlier this week, indicating that an update is now available, bringing your Chrome to version 104.0.5112.101 on Mac and Linux and version 104.0.5112.102/101 on Windows. It should have been installed automatically on your Chrome, but if it hasn’t, you can (and should) start the update now by going to Chrome’s “About” menu.

However, we do know that it is related to “insufficient validation of untrusted input in Intents,” which, according to Dark Reading, could result in a malicious website executing arbitrary code on your machine, among other issues.

This high-severity vulnerability, tracked as CVE-2022-2856, is an improper input validation bug, and Google, as usual, is withholding details about it until the majority of Chrome users have been updated and the code has been fixed.

The flaw was described as “insufficient validation of untrusted input in Intents” in an advisory, and the company is “aware that an exploit for CVE-2022-2856 exists in the wild.”

Chrome, as the world’s most popular browser, is also the most targeted, with countless threat actors racing to find new zero-day vulnerabilities. Google fixed one such vulnerability for the Windows version less than two months ago, which was allegedly being exploited in the wild.