“Zero-day” is a broad term that describes security vulnerabilities which hackers can use to attack systems. The term “zero-day” refers to the fact that the vendor or developer has only just learned of the flaw having “zero days” to fix it. A zero-day attack takes place when hackers exploit the flaw before developers or vendors have a chance to address it. When a vulnerability becomes known, the developers try to patch it to stop the zero-day attack. The zero-day vulnerabilities are treacherous because some advanced cybercriminal groups use them strategically to exploit high-value targets and conglomerates. Even after a patch is developed, users must still update their systems. If they don’t, attackers can continue to take advantage of a zero-day exploit until the system is patched.
This is the seventh zero-day vulnerability patched by Google Chrome so far this year, understating the importance of leveraging every trick in the book to keep Chrome/Chromium browsers updated. The urgent announcement of Google’s security update addressing this single, high-severity issue brings into light the notion that these single-issue security updates are rare, and the release within 48 hours across Windows, Mac, Linux, and Android serves to emphasize the potential impact CVE-2022-3723 could have on Chrome users. It’s typical for Google and other firms to temporarily withhold details about a zero-day security flaw until a majority of users have applied the fix. Otherwise, it just makes it easier for hackers to leverage the exploit and wreak havoc to a wider base of users.The third-party browsers based on Chromium, such as Microsoft Edge should also be updated. Users are recommended by Google to upgrade to version 107.0.5304.87 for macOS and Linux,107.0.5304.87 or 107.0.5304.88 for Windows, 107.0.5304.91 for Android, to mitigate potential threats.
If you’re among the more than 3 billion users of Google’s Chrome browser take a moment to apply the latest patch including enforced limits on browsers alongwith refreshing after an update to be able to scan and remediate threat actors easily. Google’s security patch plugs up a gaping security hole that zero-day hackers are known to be actively exploiting in the wild; it is strongly recommended to upgrade the Google Chrome web browser as soon as possible.