Skip to main content

Security Alert: Urgent Google Chrome/Microsoft Edge patch

Date:
2022-10-28 11:31:00
Status:
Closed
Brief Description:
A zero-day vulnerability in Google Chrome and Microsoft Edge for Windows, macOS, and Linux may lead to arbitrary code execution or sensitive information disclosure. Google states this vulnerability is being actively exploited. Patch now.
Current Status:
Microsoft has published Microsoft Edge 107.0.1418.26 to address this vulnerability.

For Microsoft Edge:
To check if your browser is updated, navigate to Menu > Help and Feedback > About Microsoft Edge, or edge://settings/help in the address bar. If your Edge browser is listed as 107.0.1418.26 or higher, you are protected.

Users should apply the following updates:
• Edge 107.0.1418.26 or higher

Certified Desktop customers:
• Windows: A patch for Microsoft Edge will be available today, Thursday, November 3 with an install deadline of 4:00pm on Friday, November 4. Microsoft Edge has already automatically updated for most customers. This patch will address instances where automatic update has not yet occurred.

• macOS: Users of Microsoft Edge should manually check for updates and install them.

Microsoft Edge users who do not have a managed computer should check for updates and install them.

For more information refer to the references below.
Release notes for Microsoft Edge Security Updates: https://learn.microsoft.com/en-us/deployedge/microsoft-edge-relnotes-security
Services Affected:
Certified Desktop
Full Description:
A zero-day vulnerability in Google Chrome and Microsoft Edge for Windows, macOS, and Linux may lead to arbitrary code execution or sensitive information disclosure. The vulnerability is a type confusion bug in the V8 Javascript engine. Google states this vulnerability is being actively exploited. Patch now.

For Google Chrome:
To check if your browser is updated, navigate to Settings > Help > About Google Chrome or chrome://settings/help in the address bar. If your Chrome browser is listed as 107.0.5304.87 or higher, you are protected.

Users should apply the following updates:
• Chrome 107.0.5304.87 or higher

Certified Desktop customers:
• Windows: A patch for Google Chrome will be available today, Friday, October 28 with an install deadline of 4:00pm on Saturday, October 29.

• macOS: A patch for Google Chrome will be available today, Friday, October 28 with an install deadline of 4:00pm on Saturday, October 29.

Users who do not have a managed computer should check for updates and install them.

For more information refer to the references below.

Chrome Releases: https://chromereleases.googleblog.com/2022/10/stable-channel-update-for-desktop_27.html
Bleeping Computer: https://www.bleepingcomputer.com/news/security/google-fixes-seventh-chrome-zero-day-exploited-in-attacks-this-year/
CIT TDX ID: