AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.
Google released an update for its Chrome browser on September 2 — and it contains a fix for an exploit actively being used against Mac and Windows users.
Chrome update 105.0.5195.102 fixes a high-risk security flaw that patches a dangerous zero-day bug. This is the sixth zero-day exploit that the company patched thus far in 2022.
Reported anonymously, CVE-2022-3075 is a vulnerability caused by insufficient data validation in Mojo. Mojo is a collection of runtime libraries that facilitates message passing across arbitrary inter- and intra-process boundaries.
Google's web page doesn't give details of the exploit, as expected with a zero-day patch. The company says there are reports that the flaw has been exploited by attackers in the wild.
"Access to bug details and links may be kept restricted until a majority of users are updated with a fix," the company said. "We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed."
Mac users can update the Google Chrome browser automatically by pressing Command-Q to quit the browser, then reopening the app. If the browser hasn't been closed in a while, a button will appear in the upper-right corner of the app that says Update. The color of the icon changes depending on the status of the update.
- Green: The pending update was released less than 2 days ago.
- Yellow: The pending update was released about 4 days ago.
- Red: The pending update was released at least a week ago.
Going into the Chrome menu, selecting Help and then About Google Chrome will display the update status of the browser.