The latest update to the Chrome browser on the Mac is an important one: according to Google, it contains a critical security fix for an exploit that exists in the wild.
Version 102.0.5005.148 for Windows and Mac includes a fix for CVE-2022-2294, which references a heap buffer overflow in WebRTC. The flaw was reported on July 1 by Jan Vojtesek of the Avast Threat Intelligence team, and Google claims that an exploit for this flaw already exists in the wild.
According to CWE, heap buffer overflow is a state “where the buffer that can be overwritten is allocated to the heap portion of the memory.” They can generally lead to crashes and other attacks, including putting the program into an infinite loop.
The fix is one of the crucial security patches to be released for the browser this year. Previously, Google Chrome patched 100.0.4896.127 CVE-2022-1364, which was also exploited in the wild.
The update, which also includes numerous other security and bug fixes, will be rolled out in the coming days. You can check for an update by clicking the Chrome menu in the menu bar and then selecting About Google Chrome.