If you’re running Google Chrome on Windows, Mac or Linux, you should check to see if a patch is available immediately.
In a blog post Google announced that Chrome version 105.0.5195.102 will be rolling out “over the coming days/weeks.” The update contains a security fix for a high-importance vulnerability called CVE-2022-3075 which Google believes “exists in the wild.” In other words, it’s something that hackers appear to be actively exploiting.
The full details of the zero-day exploit are not being published for very sensible reasons: highlighting a vulnerability before the world’s web browsers are inoculated against it is just asking unaware hackers to target users themselves. Or as Google puts it: “Access to bug details and links may be kept restricted until a majority of users are updated with a fix.
“We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”
While Google doesn’t say whether that applies here, the limited details provided suggests it very well might. The listing explains that the bug in question is based on “insufficient data validation in Mojo.” Mojo is a group of runtime libraries used by Chromium, which is the open-source codebase used not just by Chrome, but by the likes of Microsoft Edge, Opera, Vivaldi and Brave.
The good news is that Chrome is very easy to update and, in fact, it will usually silently patch itself without you even noticing. Just restart your browser and it should patch to the latest version.
You can check that it’s worked by clicking the three-dot icon in the top right-hand corner, and then selecting “Help.” From there, press “About Google Chrome” and you should see a page which tells you whether Chrome is up to date or not. If you’re still struggling, check our “how to update Chrome” guide for more advice.
With around two-thirds of all desktop computers in the world using Google Chrome, it’s no surprise that it’s a big target for hackers looking to access people’s personal data. Indeed, by The Verge’s count, this is the sixth zero-day exploit patched in 2022 alone, so make sure you occasionally give Chrome a restart to keep your protection up.
Get the BEST of Tom’s Guide daily right in your inbox: Sign up now!
Upgrade your life with the Tom’s Guide newsletter. Subscribe now for a daily dose of the biggest tech news, lifestyle hacks and hottest deals. Elevate your everyday with our curated analysis and be the first to know about cutting-edge gadgets.
Freelance contributor Alan has been writing about tech for over a decade, covering phones, drones and everything in between. Previously Deputy Editor of tech site Alphr, his words are found all over the web and in the occasional magazine too. When not weighing up the pros and cons of the latest smartwatch, you'll probably find him tackling his ever-growing games backlog. Or, more likely, playing Spelunky for the millionth time.