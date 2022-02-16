Chrome's first zero-day bug for 2022 is reportedly being exploited

By on
Chrome's first zero-day bug for 2022 is reportedly being exploited

Don't wait for the auto-update.

Google has found a zero-day in Chrome for Windows, Mac, and Linux, which it believes may be under exploit.

The company released a patch that fixes a number of security vulnerabilities, notably CVE-2022-0609 for which Google’s advisory says it "is aware of reports that an exploit... exists in the wild”.

The CVE-2022-0609 bug is a use-after-free in Chrome’s Animation component.

The other bugs are a use-after-free in the Webstore API (CVE-2022-0605), one in the Angle graphics engine (CVE-2022-0606), another in Chrome’s GPU process (CVE-2022-0607), an integer overflow in the Mojo sandboxing process (CVE-2022-0608), and a bug in the Gamepad API implementation (CVE-2022-0610).

While Google’s post said Chrome will update itself “over the coming days/weeks”, the browser can be updated from the About Google Chrome menu immediately.

The Animation bug was found by Adam Weidemann and Clément Lecigne of Google's Threat Analysis Group.

The patch brings Chrome’s Stable channel to version 98.0.4758.102.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
bug chrome patch security software vulnerability

Sponsored Whitepapers

Magic Quadrant for Access Management
Magic Quadrant for Access Management
Fortinet Networking and Cybersecurity Adoption Index 2021
Fortinet Networking and Cybersecurity Adoption Index 2021
The 5 steps to effective data protection
The 5 steps to effective data protection
Understanding the next security control points: applications and workloads
Understanding the next security control points: applications and workloads
Best security practices after rapid Digital Transformation
Best security practices after rapid Digital Transformation

Events

Most Read Articles

Cisco made $28 billion-plus takeover offer for Splunk

Cisco made $28 billion-plus takeover offer for Splunk
Department of Health CIO to exit

Department of Health CIO to exit
NAB looks to keep its cloud costs in check this year

NAB looks to keep its cloud costs in check this year
Microsoft in talks to buy cyber security firm Mandiant

Microsoft in talks to buy cyber security firm Mandiant

Digital Nation

Metaverse hype will transition into new business models by mid decade: Gartner
Metaverse hype will transition into new business models by mid decade: Gartner
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
The other &#8216;CTO&#8217;: The emerging role of the chief transformation officer
The other ‘CTO’: The emerging role of the chief transformation officer
As NFTs gain traction, businesses start taking early bets
As NFTs gain traction, businesses start taking early bets
Case Study: PlayHQ leverages graph technologies for sports administration
Case Study: PlayHQ leverages graph technologies for sports administration

Log In

Email:
Password:
  |  Forgot your password?