Chrome releases emergency security update to fix CVE-2022-0609 flaw

by do son · February 15, 2022

Google released a security bulletin to reveal the CVE-2022-0609 vulnerability, which is a major security threat to user-after-free in the Animation component. To ensure security, Google has released an emergency security update to fix this vulnerability, the corresponding version number is Google Chrome 98.0.4758.102.

Also fixed this time are CVE-2022-0603, CVE-2022-0604, CVE-2022-0605, CVE-2022-0606, CVE-2022-0607, CVE-2022-0608, and CVE-2022-0610 vulnerabilities, all of which are high-risk vulnerabilities except CVE-2022-0610.

The security vulnerability, numbered CVE-2022-0609, was submitted by Adam Weidemann and Clément Lecigne of Google’s Threat Analysis Group (TAG), and the vulnerability was discovered on February 10.

According to Google, “Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild.” At present, it is only known that this vulnerability is an escape after use in the Animation component. Based on security considerations, Google will only disclose the full details of the vulnerability after most users update. Often such vulnerabilities can be used to execute arbitrary code or escape the browser’s security sandbox, and interested researchers can wait for subsequent Google disclosures.

Users of Google Chrome can go to the About page of the settings, where they can see the current version number and can automatically check the latest version. If the user deploys the online installation package, it can be updated automatically. If the user deploys the offline installation package, the user needs to manually download the new version to upgrade.

Chrome releases emergency security update to fix CVE-2022-0609 flaw

Search

Brilliantly

Content & Links