On Friday, December 2nd, 2022, Google released updates for Chrome on Android and Desktop (Windows, Mac and Linux). The Desktop update, in particular, contained fixes to combat a new zero-day vulnerability, tracked as CVE-2022-4262. This is Chrome’s ninth patched zero-day of 2022.
On Monday, December 5th, the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its list of bugs known to be exploited in attacks, though specific technical details have not been shared at this time. CISA is requiring all Federal Civilian Executive Branch (FCEB) agencies to push this patch out by December 26th, three weeks from the announcement, and the Department of Homeland Security cybersecurity agency is strongly urging all U.S. organizations to do the same.
Google’s original security advisory can be found here: https://chromereleases.googleblog.com/2022/12/stable-channel-update-for-desktop.html