Google has started distributing Chrome 98.0.4758.102 for Windows, Mac and Linux to fix a high-severity zero-day vulnerability already being used by malicious actors: "Google is aware of reports that there is an exploit for CVE-2022-0609," reads a security notice issued by the company.





The update should be rolling out now, but you can force it through the menu Chrome > About Google Chrome. When you open that screen, the browser automatically checks for new updates and installs them at the next restart.





Active 0-day flaw in Chrome: better to update the browser immediately





The zero-day bug is tracked as CVE-2022-0609 and its severity is rated "high". Discovered by Clément Lecigne of Google's Threat Analysis Group, the flaw is described as "Use-after-free in Animation" and can be used by attackers to execute arbitrary code on a vulnerable computer to bypass the browser's security sandbox.

Google says it has received reports of exploits for the CVE-2022-0609 vulnerability, but it has not yet released any further technical details. The company explained that, for security reasons, confidentiality is required until patches are installed on most systems in use. The Google Chrome update also resolves seven other security vulnerabilities (including six of high severity) that are not yet actively exploited by malicious actors.

CVE-2022-0609 is the first 0-day vulnerability fixed in Chrome in 2022, while last year Google fixed 16. Considering that the new flaw has already been actively exploited, we can only advise users of the Big G browser to update to version 98.0.4758.102 for Windows, Mac and Linux in order to mitigate the threat.
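
For administrators who need to confirm the update across many machines, the following added example (not from Google or the original article) checks collected Chrome version banners against the fixed build 98.0.4758.102. The hostnames and banners in the sample inventory are constructed, and the "outdated" label assumes that any build numerically below the fixed one still needs the update.

```python
import re

# Fixed build named in the article for Windows, Mac and Linux.
FIXED = (98, 0, 4758, 102)
VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)\.(\d+)\b")

def parse_version(banner):
    """Return the four-part version found in a banner as a tuple of ints, or None."""
    m = VERSION_RE.search(banner)
    return tuple(int(part) for part in m.groups()) if m else None

def classify(banner, fixed=FIXED):
    """Return 'patched', 'outdated' or 'unknown' for one version banner."""
    version = parse_version(banner)
    if version is None:
        # No parsable version: flag for manual follow-up instead of assuming safe.
        return "unknown"
    # Compare as integer tuples. As plain strings, "98.0.4758.80" sorts
    # after "98.0.4758.102", which would hide an outdated build.
    return "patched" if version >= fixed else "outdated"

def audit(inventory):
    """Map hostname -> status for a {hostname: banner} inventory."""
    return {host: classify(banner) for host, banner in inventory.items()}

# Constructed sample inventory (hostnames and banners are made up).
SAMPLE = {
    "ws-01": "Google Chrome 98.0.4758.102",
    "ws-02": "Google Chrome 98.0.4758.80",
    "ws-03": "Google Chrome 97.0.4692.99 ",
    "ws-04": "Google Chrome 99.0.4844.51",
    "ws-05": "chrome: command not found",
}

if __name__ == "__main__":
    for host, status in sorted(audit(SAMPLE).items()):
        print(f"{host}: {status}")
```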





