Google Patches Ninth Chrome Zero-Day of the Year
In software, security vulnerabilities are inevitable. It isn’t about preventing them outright with perfect code. Rather, the challenge is discovering vulnerabilities and patching them before bad actors take advantage of them. Google has been working overtime to fight against security vulnerabilities with Chrome this year, as the company just issued a patch for the browser’s ninth zero-day.
From there, we don’t know much else about the zero-day. Google is staying tight-lipped about the security vulnerability, likely for fear of more information about it spreading before its user base can patch their browsers.
Zero-days are particularly dangerous, because they are security vulnerabilities with active exploits. That means someone out there knows how to use the vulnerability against you, there’s just no telling how many people know. It’s Google’s prerogative, then, to patch the flaw for as many people as possible as quickly as possible.
According to Bleeping Computer, the other zero-days patched this year include:
- CVE-2022-2856 – August 17
- CVE-2022-2294 – July 4
- CVE-2022-1364 – April 14
- CVE-2022-1096 – March 25
- CVE-2022-0609 – February 14
- CVE-2022-3723 – October 28
- CVE-2022-4135 – November 25