Approximately three days ago, Google announced that they had released an emergency patch for a previously unknown zero-day vulnerability within their browser. Zero-day bug (CVE-2022-1096) affects Google Chrome and other Chromium browsers including Microsoft Edge on Windows, Mac, and Linux. Per Google, this newly discovered bug was already being exploited in the wild. Due to how new this exploit is, details are being withheld until a majority of users are patched.
Advanticom has already remediated this vulnerability for our clients to help mitigate any risk to our client-base and ourselves. We will continue to monitor the situation for any further developments. We strongly encourage everybody to take a minute and make sure their Google Chrome and Microsoft Edge browsers are fully up-to-date on their work and personal devices. Below are instructions for updating Google Chrome and Microsoft Edge. The instructions are the same for Windows, Mac and Linux.
Updating Google Chrome & Microsoft Edge
- Open the Google Chrome Browser
- In the top right hand corner, click the 3 vertical dots and click Help > About Google Chrome
- Google will automatically start checking for an update and install it
- Relaunch Chrome to complete the installation
- Follow the same steps for Microsoft Edge. The only difference is the three dots will be vertical instead of horizontal in the top right hand corner. Click the 3 horizontal dots and click Help and feedback > About Microsoft Edge
Updating Google Chrome
Updating Microsoft Edge
- Romero, Johanna. “Chrome Issues Emergency Update to Fix in-the-Wild Exploit.” Chrome Unboxed – The Latest Chrome OS News, Chrome Unboxed, 28 Mar. 2022, https://chromeunboxed.com/chrome-zero-day-exploit-v99.
- CVE. “CVE-2022-1096.” CVE, CVE, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1096.