Threat Advisory: Chromium Zero Day (MS Edge and Google Chrome)

Threat Advisory: Chromium Zero Day
(MS Edge and Google Chrome)

July 8, 2022

Threat

Chromium Zero Day (MS Edge and Google Chrome)

Vulnerability

CVE-2022-2294¹

CVSS – 8.8 HIGH
Vulnerability Publication Date – 07/07/2022
Exploits Available – Yes, private

Description

There is very little information available about this vulnerability other than it has been exploited in the wild. Both Google and Microsoft are holding back the details of this vulnerability to limit information available to potential threat actors. This vulnerability affects Chromium, the underlying open-source code used in Google’s and Microsoft’s web browsers².

According to VulDB, this vulnerability exploit appears to be easy, can be performed remotely, and does not require authentication to perform². While this does not provide much insight into the vulnerability itself, with a CVSS of 8.8 and a purposeful lack of published information, it can be inferred that this is a very severe vulnerability and should be remediated as quickly as possible.

Recommendations / Remediation

Contact FortifyData to learn how we can identify this vulnerability through our internal risk assessment.

Upgrade Google Chrome to version 102.0.5005.148

Upgrade Microsoft Edge to version 103.0.1264.48

**These are generalized recommendations that may not be effective for all organizations and environments. **

References

Combatting Ransomware in the Real World

August 11, 2022

Combatting Ransomware in the Real World Join FortifyData and Lockstep Technology Group as we discuss what ransomware is, what…

FortifyData’s Alignment with NIST SP 800-40

August 4, 2022

FortifyData’s Alignment with NIST SP 800-40 While patching of systems has long been a common IT function, organizations vary…

How Old Vulnerabilities Introduce Zero-Day Risks

August 3, 2022

How Old Vulnerabilities Introduce Zero-Day Risks Earlier this year a joint cybersecurity advisory from U.S and allied cybersecurity authorities…

Click to access the login or register cheese

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Performance

Analytics

Others

Platforms

Solutions

Why FortifyData

Company

Resources

Partners