
Combatting Ransomware in the Real World Join FortifyData and Lockstep Technology Group as we discuss what ransomware is, what…
Threat
Chromium Zero Day (MS Edge and Google Chrome)
Vulnerability
CVE-2022-22941
Description
There is very little information available about this vulnerability other than it has been exploited in the wild. Both Google and Microsoft are holding back the details of this vulnerability to limit information available to potential threat actors. This vulnerability affects Chromium, the underlying open-source code used in Google’s and Microsoft’s web browsers2.
According to VulDB, this vulnerability exploit appears to be easy, can be performed remotely, and does not require authentication to perform2. While this does not provide much insight into the vulnerability itself, with a CVSS of 8.8 and a purposeful lack of published information, it can be inferred that this is a very severe vulnerability and should be remediated as quickly as possible.
Recommendations / Remediation
Contact FortifyData to learn how we can identify this vulnerability through our internal risk assessment.
Upgrade Google Chrome to version 102.0.5005.148
Upgrade Microsoft Edge to version 103.0.1264.48
**These are generalized recommendations that may not be effective for all organizations and environments. **
References
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |