Reinforcing its efforts to fix a high-severity zero-day vulnerability used by threat actors in attacks, Google has released Chrome 98.0.4758.102 for Windows, Mac, and Linux.
"Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild," Google said in a security advisory released. It further states that the Chrome update will roll out over the coming weeks. However, it is possible to install the update immediately simply by going into the Chrome menu > Help > About Google Chrome.
The browser will also automatically check for new updates and install them the next time you close and relaunch Google Chrome.
The zero-day bug fix, tracked as CVE-2022-0609, is described as a "Use after free in Animation" and was assigned a High severity level. This vulnerability was discovered by Clément Lecigne from Google's Threat Analysis Group. Attackers commonly exploit use after free bugs to execute arbitrary code on computers running unpatched Chrome versions or escape the browser's security sandbox.
Without sharing any additional information regarding these incidents or technical details about the vulnerability, Google said they have detected attacks exploiting this zero-day.
"Access to bug details and links may be kept restricted until a majority of users are updated with a fix," Google added.
In addition to the zero-day, the Google Chrome update fixed seven other security vulnerabilities, all but one classified as 'High' severity.
With this update, Google has addressed the first Chrome zero-day since the start of 2022.
Because this zero-day is known to have been used by attackers in the wild, is it strongly recommended that everyone install today's Google Chrome update as soon as possible.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.