Google has launched a brand new Chrome replace for Windows, macOS, and Linux that fixes a complete of 11 safety points. Of these vulnerabilities, the replace patches a highly-severe zero-day bug that has already been exploited by attackers. It is called a ‘use-after-free’ vulnerability that exists in Chrome’s Animation element. An attacker can exploit the bug to deprave information and even execute a code on the system, with out letting its customers know. This is notably the primary zero-day bug impacting the Chrome browser that has been patched by Google.
Through a short blog post, Google introduced the discharge of Chrome model 98.0.4758.102 for Windows, macOS, and Linux that can roll out to customers across the globe over the approaching days.
Among different fixes out there within the newest launch, the zero-day bug has been recognized as CVE-2022-0609. It was reported by Google’s Threat Analysis Group on February 10, in keeping with the weblog put up.
“Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild,” the corporate mentioned.
Considering the high-severity of the bug, customers are suggested to instantly replace Chrome on their techniques.
Although Chrome checks for brand spanking new updates routinely, you may manually search for the most recent model by going to Chrome > About Google Chrome. You also can examine for the replace by clicking the three-dot button from the right-most nook after which Help > About Google Chrome.
In addition to the zero-day bug, the Chrome model 98.0.4758.102 fixes 4 different ‘use-after-free’ safety points which might be rated with excessive severity and have been discovered within the browser’s Fire Manager, Webstore API, ANGLE, and GPU course of. The replace additionally patches one other high-severity bug that was resulting from a ‘heap buffer overflow’ downside that existed within the Tab Groups.
Further, the brand new model features a repair for a medium-severity subject that existed resulting from an inappropriate implementation within the Gamepad API, as per the main points publicly shared by Google.
This is notably not the primary time when a zero-day vulnerability was present in Chrome. Last yr, Google fastened a complete 16 zero-day bugs throughout the browser by totally different safety updates.
Zero-day bugs might be fairly dangerous for the plenty as they’re found earlier than safety researchers and software program distributors change into conscious of their existence. Cybercriminals and attackers can exploit these vulnerabilities earlier than they arrive into the limelight to achieve entry to consumer information and techniques.
#Chrome #Users #Windows #macOS #Linux #Update #Fix #HighSeverity #Bug