Google Patches Chrome's Fifth Zero-Day of the Year
Briefly

from kasperskycontenthub.com2 years ago
Google has announced a patch for the fifth zero-day vulnerability in Chrome in 2022, addressing a significant issue with insufficient input validation in Intents.
kasperskycontenthub.comhttps://kasperskycontenthub.com/threatpost-global/google-patches-c…-day-of-the-year/180432/
The vulnerability, tracked as CVE-2022-2856, allows for arbitrary code execution and was reported by Ashley Shen and Christian Resell from Google’s Threat Analysis Group.
kasperskycontenthub.comhttps://kasperskycontenthub.com/threatpost-global/google-patches-c…-day-of-the-year/180432/
Intents are a complex linking feature in Chrome that requires developers to adapt their approach since it replaces traditional URI schemes for deep linking on Android.
kasperskycontenthub.comhttps://kasperskycontenthub.com/threatpost-global/google-patches-c…-day-of-the-year/180432/
Insufficient input validation is a core issue that can lead to unwanted input handling by software, potentially allowing attackers to exploit and execute arbitrary code.
kasperskycontenthub.comhttps://kasperskycontenthub.com/threatpost-global/google-patches-c…-day-of-the-year/180432/
Read at kasperskycontenthub.com
#chrome #zero-day-vulnerability #cve-2022-2856 #input-validation #cybersecurity
[
]
[
|
]