An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

TechPills (TP) is a technology blog and newsletter that delivers bite-sized insights, tips, and tutorials on software development, cloud computing, and cybersecurity. Covering topics such as programming languages, cloud services, and IT security, TechPills offers resources for developers and IT professionals looking to stay informed and up-to-date in the rapidly evolving world of technology.

Threatpost

The bug, tracked as CVE-2022-2856, is associated with “insufficient validation of untrusted input in Intents,’ Google credits Ashley Shen and Christian Resell of its Google Threat Analysis Group for reporting the zero-day bug. The advisory also unveiled 10 other patches for various other Chrome issues.

Google Patches Chrome’s Fifth Zero-Day of the Year