Google Rolls Out Chrome 103 with Urgent Fix for WebRTC Zero-Day Flaw

Google is rolling out an urgent patch to Chrome users on desktop and Android devices to address a zero-day flaw the web giant says is being actively exploited.
“The Stable channel has been updated to 103.0.5060.114 for Windows, which will roll out over the coming days/weeks,” writes Prudhvikumar Bommana for the Google Chrome team.
Four security flaws are addressed in this release, including one affecting the browser’s open-source real-time communication component, WebRTC.
The vulnerability, tracked as CVE-2022-2294, is described as a heap buffer overflow.
“Google is aware that an exploit for CVE-2022-2294 exists in the wild,” according to the advisory.
Two more bugs are also rated high-severity, making the update all the more important from a security standpoint.
In typical fashion, the internet mammoth is holding off details of the zero-day, giving Chrome users time to patch up before more malicious actors catch on and exploit the flaw. Android users are also instructed to update to Chrome 103, as most of the same flaws affect the mobile version of the browser. iOS customers seem unaffected at this time.
Chrome users worldwide should make updating a priority or, at the very least, refrain from real-time chats via Chrome until they update.
tags
Author
Right now
Top posts
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns
January 19, 2023
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps
November 29, 2022
How to monitor your online privacy during your Thanksgiving trip
November 22, 2022
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info
November 16, 2022
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be
November 14, 2022