Skip to main content
Creating a new NHS England: NHS England and NHS Digital merged on 1 February 2023. All references to NHS Digital now, or in the future, relate to NHS England. More about the merger.

Google Releases Security Update for Chrome

Security update released to address an actively exploited zero-day vulnerability in Chrome

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

Security update released to address an actively exploited zero-day vulnerability in Chrome


Threat details

Introduction

Google has released a security update to address a High severity zero-day vulnerability tracked as CVE-2022-4135. An attacker could exploit this vulnerability to take control of an affected system. 

Google confirms that an exploit for CVE-2022-4135 exists in the wild.

Exploitation in the wild for CVE-2022-4135

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2022-4135 to their Known Exploited Vulnerabilities Catalog.


Remediation advice

Affected organisations are encouraged to review the Chrome Release and apply the necessary updates to the latest release.



Last edited: 29 November 2022 2:57 pm