Google rushes to patch critical zero-day exploit in Chrome for Mac

Update browsers ASAP.

Credit: Google

The latest update for the Chrome browser on the Mac is an important one: According to Google, it includes a critical security fix for an exploit that exists in the wild.

Version 102.0.5005.148 for Windows and Mac includes a fix for CVE-2022-2294, which refers to a heap buffer overflow in WebRTC. The flaw was reported by Jan Vojtesek from the Avast Threat Intelligence team on July 1, and Google says it is aware that an exploit for this flaw already exists in the wild.

According to CWE, heap buffer overflow is a condition where the buffer that can be overwritten is allocated in the heap portion of memory. They can generally lead to crashes and other attacks, including putting the program into an infinite loop.

The fix is one of several crucial security patches to arrive for the browser this year. Previously, Google Chrome 100.0.4896.127 patched CVE-2022-1364, which had also been exploited in the wild.

The update, which also includes numerous other security and bug fixes, will roll out over the coming days. You can check for an update by clicking on the Chrome menu in the menu bar, then selecting About Google Chrome.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Googlechromecyber security

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.
Michael Simon

Michael Simon

Macworld.com
Show Comments

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?