Home > Cyber News > CVE-2022-0609: Zero-Day Bug in Chrome Exploited in the Wild
CYBER NEWS

CVE-2022-0609: Zero-Day Bug in Chrome Exploited in the Wild

CVE-2022-0609: Zero-Day Bug in Chrome Exploited in the Wild

CVE-2022-0609 is a new zero-day vulnerability in Google Chrome which has been used by threat actors in attacks.

CVE-2022-0609 in Google Chrome – What Is Known?

Google has already released Chrome 98.0.4758.102 for Windows, Mac, and Linux to address the serious issue. In fact, it should be noted that this update includes a total of 11 security fixes.




Apparently, the update to address CVE-2022-0609 will be rolled out in the weeks to come. However, if you want to install it immediately, you can jump to Google Chrome menu, select Help, then About Google Chrome, and apply the update. Also note that your browser will check automatically for new updates and install them the next time your relaunch the browser.

It may be a good idea to get the update yourself, as “Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild.”

The technical details about CVE-2022-0609 are scarce. Google has described it as a user after free in Animation bug, which has a high-severity score. The vulnerability was discovered by Clément Lecigne from Google’s Threat Analysis Group.

It is noteworthy that threat actors tend to exploit use-after-free flaws in order to execute arbitrary code on vulnerable systems running unpatched Chrome versions. These bugs also help to escape the browser’s security sandbox.

Another example of a use-after-free Chrome zero-day exploited in the wild is CVE-2021-37973. The bug resided in the Portals API, which is a web page navigation system that helps in page transitions, or what users see when they move between pages. This bug was also disclosed by Clément Lecigne.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...