The US authorities have until December 26 to update Google Chrome.
The US government’s Cybersecurity and Infrastructure Security Agency (CISA) has added the latest Google Chrome vulnerability CVE-2022-4262, to its list of critical vulnerabilities. This means that the US authorities must see to patching the bug.
It writes Bleeping computer.
The deadline for government agencies to fix the zero-day bug is December 26.
“Google is aware of reports that an exploit of CVE-2022-4262 exists in the open,” Google announced about the bug.
This type of flaw usually leads to browser crashes after successful exploitation, but attackers can also exploit them for arbitrary code execution. Google has not yet shared all the details of exploiting the flaw.
“Access to bug details and links may be restricted until a majority of users are updated with a fix,” Google announced, continuing:
“We’ll also keep restrictions if the bug is in a third-party library that other projects similarly depend on but haven’t yet fixed.”