Chrome releases emergency security update to fix CVE-2022-0609 flaw
Google released a security bulletin to reveal the CVE-2022-0609 vulnerability, which is a major security threat to user-after-free in the Animation component. To ensure security, Google has released an emergency security update to fix this vulnerability, the corresponding version number is Google Chrome 98.0.4758.102.
Also fixed this time are CVE-2022-0603, CVE-2022-0604, CVE-2022-0605, CVE-2022-0606, CVE-2022-0607, CVE-2022-0608, and CVE-2022-0610 vulnerabilities, all of which are high-risk vulnerabilities except CVE-2022-0610.
According to Google, “Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild.” At present, it is only known that this vulnerability is an escape after use in the Animation component. Based on security considerations, Google will only disclose the full details of the vulnerability after most users update. Often such vulnerabilities can be used to execute arbitrary code or escape the browser’s security sandbox, and interested researchers can wait for subsequent Google disclosures.