Home > Cyber News > CVE-2022-0609: Zero-Day Bug in Chrome Exploited in the Wild
CYBER NEWS

CVE-2022-0609: Zero-Day Bug in Chrome Exploited in the Wild

by   |  Last Update:  |  0 Comments  

CVE-2022-0609 is a new zero-day vulnerability in Google Chrome which has been used by threat actors in attacks.

CVE-2022-0609 in Google Chrome – What Is Known?

Google has already released Chrome 98.0.4758.102 for Windows, Mac, and Linux to address the serious issue. In fact, it should be noted that this update includes a total of 11 security fixes.

CVE-2022-0609: Zero-Day Bug in Chrome Exploited in the Wild

Apparently, the update to address CVE-2022-0609 will be rolled out in the weeks to come. However, if you want to install it immediately, you can jump to Google Chrome menu, select Help, then About Google Chrome, and apply the update. Also note that your browser will check automatically for new updates and install them the next time your relaunch the browser.

It may be a good idea to get the update yourself, as “Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild.”




The technical details about CVE-2022-0609 are scarce. Google has described it as a user after free in Animation bug, which has a high-severity score. The vulnerability was discovered by Clément Lecigne from Google’s Threat Analysis Group.

It is noteworthy that threat actors tend to exploit use-after-free flaws in order to execute arbitrary code on vulnerable systems running unpatched Chrome versions. These bugs also help to escape the browser’s security sandbox.

Another example of a use-after-free Chrome zero-day exploited in the wild is CVE-2021-37973. The bug resided in the Portals API, which is a web page navigation system that helps in page transitions, or what users see when they move between pages. This bug was also disclosed by Clément Lecigne.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  2. CVE-2022-1096 Chromium Vulnerability Exploited in the Wild If you haven’t updated your Chrome browser to version 99.0.4844.84,...
  3. CVE-2022-1364 Chrome Vulnerability Exploited in the Wild Did you install the emergency patches for Google Chrome that...
  4. CVE-2020-15999: FreeType Zero-Day Bug in Chrome Exploited in the Wild Are you running the latest version of Google Chrome (currently...
  5. CVE-2022-2856 Critical Chrome Bug Exploited in the Wild An actively exploited, highly severe zero-day vulnerability has been fixed...
  6. CVE-2022-26485, CVE-2022-26486: Critical Firefox Zero-Days Exploited in the Wild Two out-of-band updates were just released to address a couple...
  7. Microsoft CVE-2021-28310 Bug Actively Exploited in the Wild This month’s Patch Tuesday fixes 110 security vulnerabilities, 19 of...
  8. CVE-2021-30632 and CVE-2021-30633: Chrome Zero-Days Exploited in the Wild Is your Chrome browser up-to-date? Google just released fixes for...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree