BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

Google Updates Chrome To Fix In The Wild Exploit

Following
This article is more than 2 years old.

Google has confirmed the latest in a growing list of emergency security updates to the Chrome web browser used by an estimated 3.2 billion users.

The update to version 98.0.4758.102 of Chrome patches a total of eight security vulnerabilities, one of which, Google has confirmed, is a zero-day vulnerability that attackers are already exploiting.

The Google Chrome stable channel blog update announcement, published on Valentine's Day, stated that "Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild."

MORE FROM FORBESMicrosoft Issues 'Turn It Off And On Again' Warning For Windows 10 Users

What is the CVE-2022-0609 zero-day vulnerability?

CVE-2022-0609 is a high-rated remote code execution vulnerability that could enable an attacker to run code on a targeted computer.

There's not any detail of the vulnerability, other than the 'use after free in animation' descriptor in the update posting. This lack of technical details regarding a vulnerability that is being actively exploited is not at all unusual.

Google will routinely restrict in-depth information until a majority of users have had the opportunity to apply the update which will be rolled out in the coming days and weeks.

MORE FROM FORBESHack The Planet: How This Hacker Unlocked A $2 Million Crypto Wallet

Seven more Google Chrome vulnerabilities also fixed

The other seven vulnerabilities fixed in this emergency security update are:

  • CVE-2022-0603: Use after free in File Manager. High-rated.
  • CVE-2022-0604: Heap buffer overflow in Tab Groups. High-rated.
  • CVE-2022-0605: Use after free in Webstore API. High-rated.
  • CVE-2022-0606: Use after free in ANGLE. High-rated.
  • CVE-2022-0607: Use after free in GPU. High-rated.
  • CVE-2022-0608: Integer overflow in Mojo. High-rated.
  • CVE-2022-0610: Inappropriate implementation in Gamepad API. Medium-rated.

How to apply the Google Chrome security patch now

Head for the Help|About option in your Google Chrome menu, and if the update is available, it will automatically start downloading.

It may take a few days for the update to reach everyone, so be patient if you are not seeing it yet.

Also, remember to restart your browser after the update has been installed, or it will not activate, and you will still be vulnerable to attack.

Follow me on Twitter or LinkedInCheck out my website or some of my other work here