Users of Google chrome have been urged to update their browser as unpatched weaknesses in the software is being exploited by hackers. These vulnerabilities can lead to data corruption and the execution of arbitrary code on vulnerable systems.
Tracked as CVE-2022-0609 and rated high severity, the exploited vulnerability is described as a use-after-free vulnerability issue in the Animation component.
This vulnerability was reported by Adam Weidemann and Clément Lecigne of Google’s Threat Analysis Group.
Read Also: Kenya Launches Cybercrime Protection Game for Children
On Monday, 14th February 2022, Google Chrome team released a report in which it announced the release of new updates to the Chrome browser. “The Stable channel has been updated to 98.0.4758.102 for Windows, Mac and Linux which will roll out over the coming days/weeks.” The recent update includes 11 security fixes.
Google Nine other vulnerabilities rated “high” severity that has been patched in the latest Chrome release.
2021 saw a total of 16 ‘zero-day’ listed below.
CVE-2021-21148 – Feb. 4, a vulnerability in its V8 open-source web engine.
CVE-2021-21166 – March 2, a flaw in the Audio component of Google Chrome.
CVE-2021-21193 – March 12, a use-after-free flaw in Blink, the browser engine for Chrome that was developed as part of the Chromium project.
CVE-2021-21220 – April 13, a remote-code execution issue.
CVE-2021-21224 – April 20, an issue with type confusion in V8 in Google Chrome that could have allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
Read Also: Africa is set to take over the global videogame business
CVE-2021-30551 – June 9, a type confusion bug within Google’s V8 open-source JavaScript and WebAssembly engine.
CVE-2021-30554 – June 17, a use-after-free bug.
CVE-2021-30563 – July 15, type confusion in V8.
CVE-2021-30632 and CVE-2021-30633 – Sept. 13, an out-of-bounds write in V8 and a use-after-free bug in the IndexedDB API, respectively.
CVE-2021-37973 – Sept. 24, a use-after-free flaw in Portals.
CVE-2021-37976 and CVE-2021-37975 – Sept. 30, an information leak in core and a use-after-free bug in V8, respectively.
CVE-2021-38000 and CVE-2021-38003 – Oct. 28, an issue with Insufficient validation of untrusted input in Intents in Google Chrome on Android, and an inappropriate implementation in V8 respectively.
CVE-2021-4102 – Dec. 13, a use after free in V8.
Two of these zero-day were deemed serious enough to warrant a $7,500 payout to the security researchers who found them.
The CVE-2022-0609 is Chrome’s first zero-day in 2022 and Google Chrome users anticipate a permanent fix to bugs and vulnerabilities.
Read Also: MTN Set To Employ 150 Digital Experts
How To Know Which Version of Google Chrome I am using
Knowing and keeping your browser up-to-date is vital and one of the safest ways to keep your browsing and your device as safe as possible and knowing how to do this on chrome is easy. Just follow the steps below to know which version of chrome you are using and keep it up to date
1. Open Google Chrome on your device ( PC or Mac )
2. Click the three dots in the upper-right corner of the window.
3. Hover your cursor over “Help.” ( as shown in the image below )
4. Click “About Google Chrome”
Doing the above will display the current version of your Google Chrome on the screen. Depending on your setting, your chrome browser update can be done automatically or at a prompt from time to time.