Analysis

Google on Monday rolled out fixes for eight security issues in the Chrome web browser, including a high-severity vulnerability that’s being actively exploited in real-world attacks, marking the first zero-day patched by the internet giant in 2022.

The shortcoming, tracked as CVE-2022-0609, is described as a use-after-free vulnerability in the Animation component that, if successfully exploited, could lead to corruption of valid data and the execution of arbitrary code on affected systems.

Google also addressed four other use-after-free flaws impacting File Manager, File Manager, ANGLE, and GPU; a heap buffer overflow bug in Tab Groups; an integer overflow in Mojo; and an inappropriate implementation issue in the Gamepad API.

Google Chrome users are highly recommended to update to the latest version 98.0.4758.102 for Windows, Mac, and Linux to mitigate any potential threats. It’s worth noting that Google had addressed 17 zero-day flaws in Chrome in 2021.

Affected Application

 Google Chrome

Permanent Mitigation

Update to the latest version, 98.0.4758.102.

Reference

 

  1. https://thehackernews.com/2022/02/new-chrome-0-day-bug-under-active.html

 

Note: Please update Google Chrome ASAP.