The latest update for the Chrome browser on the Mac is an important one: According to Google, it includes a critical security fix for an exploit that exists in the wild.
Version 102.0.5005.148 for Windows and Mac includes a fix for CVE-2022-2294, which refers to a heap buffer overflow in WebRTC. The flaw was reported by Jan Vojtesek from the Avast Threat Intelligence team on July 1, and Google says it is aware that an exploit for this flaw already exists in the wild.
According to CWE, heap buffer overflow is a condition “where the buffer that can be overwritten is allocated in the heap portion of memory.” They can generally lead to crashes and other attacks, including putting the program into an infinite loop.
The fix is one of several crucial security patches to arrive for the browser this year. Previously, Google Chrome 100.0.4896.127 patched CVE-2022-1364, which had also been exploited in the wild.
The update, which also includes numerous other security and bug fixes, will roll out over the coming days. You can check for an update by clicking on the Chrome menu in the menu bar, then selecting About Google Chrome.