Google has released a security update for for Chrome that protects users against a newly discovered, high-severity vulnerability in the browser that it's warned is already actively being exploited by cyber attackers.
The Stable Channel Update for Google Chrome on desktop is for Windows, Mac and Linux versions of the browser. It's recommended that users apply the security update as soon as possible – something that Google Chrome will do automatically when the browser is closed and reopened.
'Heap' is an area of pre-reserved computer memory that a program uses to store a variable amount of data – and heap corruption occurs when a program damages the view of the heap, which can result in a memory fault that can be abused by attackers.
Google states that it's aware that an exploit for CVE-2022-4262 is active in the wild – in other words, it's actively being used by cyber criminals to power malicious hacking campaigns – but hasn't yet provided any information on how this is taking place, citing a precaution against providing other attackers with a way to use it before users are protected.
"Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven't yet fixed," said Google's update.
The vulnerability was discovered by Clement Lecigne of Google's Threat Analysis Group. It represents the latest in a series of security flaws in Google Chrome that have been uncovered and patched during this year.