Adam Weidemann and Clément Lecigne of Google’s Threat Analysis Group reporting the flaw , “Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild.
Google released fixes for eight security issues in the Chrome web browser on Monday, including a high-severity vulnerability that is actively being exploited in real-world attacks, marking the internet giant’s first zero-day patch in 2022.
The flaw, identified as CVE-2022-0609, is described as a use-after-free vulnerability in the Animation component that, if successfully exploited, could corrupt valid data and allow arbitrary code to be executed on affected systems.
The Stable channel for Windows, Mac, and Linux has been updated to 98.0.4758.102, and it will be rolled out over the next few days/weeks. The extended stable channel for Windows and Mac has also been updated to 98.0.4758.102, which will be rolled out over the next few days/weeks.
Google also addressed four other use-after-free flaws affecting File Manager, File Manager, ANGLE and GPU, a heap buffer overflow bug in Tab Groups, an integer overflow in Mojo, and an issue with improper Gamepad API implementation.
Finally the researchers concluded that ,” To prevent the potential threats, Google Chrome users are strongly advised to update to the latest version 98.0.4758.102 for Windows, Mac, and Linux. It’s worth noting that Google fixed 17 zero-day vulnerabilities in Chrome in 2021″.