Google has released a new update to its browser – Chrome 102. The update contained 32 security fixes, one of which closed a critical vulnerability.
All 32 “holes” were previously discovered by third-party cybersecurity researchers. The critical flaw, designated as CVE-2022-1853, is based on “use after release in IndexedDB”
I assume that an attacker can create a specially designed website and take over a visitor’s browser by manipulating IndexedDB.
All bugs fixed in Chrome 102 are not zero-day vulnerabilities. Interestingly, the previously released Chrome 101 fixed 29 vulnerabilities, and none of them were among the “zero day” issues.
The update is available on all major platforms – Windows, Mac and Linux.