Google has just released an update for Chrome’s Stable and Extended channels, patching 11 security vulnerabilities. This update, Chrome 98.0.4758.102, fixes exploits for various high-severity use-after-free (UAF) bugs—most especially focusing on the CVE-2022-0609 bug since it’s actively exploited.
Google Chrome is one of the most popular browsers for both desktop and mobile platforms, with billions of users worldwide. Thus, it’s not surprising that it’s a frequent target for hackers and has to constantly be on guard for any security flaws. The 98.0.4758.102 update is the first patch to fix the first zero-day bug of 2022.
Zero-day vulnerabilities are severe software threats and should be addressed as soon as possible because hackers can continuously exploit them to inflict damage on devices and users. This was the case with the reported CVE-2022-0609 bug, which is a UAF issue with Chrome’s Animation component. It could have caused problems like data corruption and program crashes.
There were other security issues patched alongside it, too. Chrome’s File Manager, Webstore API, ANGLE, and GPU had suffered from the same use-after-free bug. There were high-severity cases for a heap buffer overflow in Tab Groups and an integer overflow in Mojo. Lastly, a medium-severity inappropriate implementation issue with the Gamepad API was also fixed.
The Chrome 98.0.4758.102 patch will be rolling out for Windows, Mac, and Linux over the coming days and weeks. However, users are highly urged to manually update the browser themselves. They can do this by opening Chrome’s menu, going to Help, and choosing “About Google Chrome.” This is for the best since Google confirmed reports of a CVE-2022-0609 exploit still existing out there.
