A zero-day vulnerability that has been used in attacks is patched by a Chrome 104 update that Google announced on Tuesday. According to the company, the exploited flaw was a high-severity problem caused by the Intents component’s inadequate validation of untrusted input.
The vulnerability is identified as CVE-2022-2856. Google has not disclosed any details about the attacks, but it did note that its Threat Analysis Group researchers first discovered the vulnerability on July 19. The internet giant has patched Chrome’s zero-day vulnerability five times in 2022.
The Israeli spyware company Candiru has been implicated in using the fourth zero-day, which was discovered in early July, in targeted attacks against Middle Eastern organizations. Google acknowledged that Chrome zero-day exploitation has increased in March.
Read More: Google Patches Fifth Exploited Chrome Zero-Day of 2022
For more such updates follow us on Google News ITsecuritywire News