Skip to main content

Security Alert: Urgent Google Chrome/Microsoft Edge patch

Date:
2022-08-23 19:25:00
Status:
Closed
Brief Description:
A zero-day vulnerability in Google Chrome and Microsoft Edge for Windows, macOS, and Linux may potentially lead to arbitrary code execution and manipulation of data in the browser. Google states this vulnerability is being actively exploited. Patch now.
Current Status:
N/A
Services Affected:
Certified Desktop
Full Description:
A zero-day vulnerability in Google Chrome and Microsoft Edge for Windows, macOS, and Linux may potentially lead to arbitrary code execution and manipulation of data in the browser, including buffer overflow, directory traversal, SQL injection, cross-site scripting, null byte injection, and more. Google states this vulnerability is being actively exploited. Patch now.

For Google Chrome:
To check if your browser is updated, navigate to Settings > Help > About Google Chrome or chrome://settings/help in the address bar. If your Chrome browser is listed as 104.0.5112.101 or higher, you are protected.

Users should apply the following updates:
• Chrome 104.0.5112.101 or higher

For Microsoft Edge:
To check if your browser is updated, navigate to Menu > Help and Feedback > About Microsoft Edge, or edge://settings/help in the address bar. If your Edge browser is listed as 104.0.1293.63 or higher, you are protected.

Users should apply the following updates:
• Edge 104.0.1293.63 or higher

Certified Desktop customers:
• Windows: Patches for Google Chrome and Microsoft Edge will be available this afternoon with an install deadline of 4:00pm on Wednesday, August 24.

• macOS: A patch for Google Chrome will be available this afternoon with an install deadline of 4:00pm on Wednesday, August 24. Users of Microsoft Edge should manually check for updates and install them.

Users who do not have a managed computer should check for updates and install them.

For more information refer to the references below.
Bleeping Computer: https://www.bleepingcomputer.com/news/security/google-fixes-fifth-chrome-zero-day-bug-exploited-this-year/
Google Chrome Releases: https://chromereleases.googleblog.com/2022/08/stable-channel-update-for-desktop_16.html
Microsoft Edge Security Release Notes: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security
CIT TDX ID: