Skip to main content

Security Alert: Urgent Google Chrome/Microsoft Edge patch

Date:
2022-04-15 08:57:00
Status:
Closed
Brief Description:
A zero-day vulnerability in Google Chrome and Microsoft Edge for Windows, macOS, and Linux may allow malicious actors, if successful, to execute arbitrary code on affected systems. Google states this vulnerability is being actively exploited. Patch now.
Current Status:
Microsoft has now published Microsoft Edge 100.0.1185.44 to patch this vulnerability. The patch directions in this alert have been updated accordingly. Previously, Microsoft had not yet published an update to patch this vulnerability.
Services Affected:
Certified Desktop
Full Description:
A zero-day vulnerability in Google Chrome and Microsoft Edge for Windows, macOS, and Linux may allow malicious actors, if successful, to execute arbitrary code on affected systems. Google states this vulnerability is being actively exploited. Patch now.

For Google Chrome:
To check if your browser is updated, navigate to Settings > Help > About Google Chrome or chrome://settings/help in the address bar. If your Chrome browser is listed as 100.0.4896.127 or higher, you are protected.

Users should apply the following updates:
• Chrome 100.0.4896.127 or higher

For Microsoft Edge:
To check if your browser is updated, navigate to Menu > Help and Feedback > About Microsoft Edge, or edge://settings/help in the address bar. If your Microsoft Edge browser is listed as 100.0.1185.44 or higher, you are protected.

Users should apply the following updates:
• Microsoft Edge 100.0.1185.44 or higher

Certified Desktop customers:
• Windows: Google Chrome and Microsoft Edge patches will be made available as soon as they are available in the patch catalogs. Patches will install with a deadline of 4:00pm on Monday, April 18.

• macOS: Google Chrome will be available this afternoon with an install deadline of 4:00pm on Monday, April 18. Microsoft Edge users should manually update following the directions above once a patch is available.

Users who do not have a managed computer should check for updates and install them.

For more information refer to the references below.
Bleeping Computer: https://www.bleepingcomputer.com/news/security/google-chrome-emergency-update-fixes-zero-day-used-in-attacks/
Chrome Releases: https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_14.html
Microsoft Edge Security Updates: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security
CIT TDX ID: