August 17, 2022

What you need to know

  • Google Chrome has been updated to address a critical zero-day vulnerability.
  • The flaw affects the browser’s WebRTC stack, which is under attack.
  • The patch should be available to all users in the next few weeks.

Google has issued a patch to address a zero-day vulnerability in a component of Chrome’s real-time communication capabilities. The search giant warns users that it’s already being exploited in the wild.

The latest Chrome update (opens in new tab) (version 103.0.5060.114) for Windows addresses a threat, labeled CVE-2022-2294 (high-severity), which Google says is a critical security risk. The vulnerability affects the browser’s implementation of WebRTC, a standard used in video and voice applications for real-time communications.