Google Chrome Zero-Day Flaw Update
Threat Intelligence from DigitalXRAID’s Security Operations Centre analysts:
DigitalXRAID’s Security Operations Centre Analysts have been notified by Google that they have just released an update for Chrome to address a new Zero-Day flaw that is being actively exploited.
Read more about the CVE detail here: CVE-2022-0609
Tracked as CVE-2022-0609, and assigned a high severity, the vulnerability is a Use-After-Free flaw found in the animation component of Google Chrome.
If successfully exploited, it could lead to corruption of valid data, or execution of arbitrary code on the affected system. Few details are known about the issue at this time as full details will not be released by Google until the majority of users have updated.
Seven other flaws have also been addressed by Google in its latest update, all but one of these has been classified as ‘high’ in severity.
Remediation of Vulnerabilities:
Google Chrome users are advised to update to the latest version of Chrome 98.0.4758.102 for Windows, Mac, and Linux. Android devices have been updated to 98.0.4758.101.
Chrome will automatically update on its own over time; however, action can be taken now by going to ‘Menu -> Help -> About Google Chrome’. This webpage will display the current version of Chrome, and automatically checks for new update. Any update found is installed the next time Chrome is closed and relaunched.
If you discover that you’ve suffered a breach as a result of this or any other vulnerability, and need help urgently, get in contact with us. You can call our emergency line on 0800 066 4509 to speak to one of our experts. They’re available 24 hours a day, 7 days a week. Bookmark this page in case you ever need us.
If you need any support in mitigating any risks this vulnerability may have on your business, please don’t hesitate to get in contact.