Chrome Zero-Day Under Active Attack – Patch ASAP

Google on Monday issued 11 security fixes for its Chrome browser, including a high-severity zero-day bug that’s actively being jumped on by attackers in the wild.

In a brief update, Google described the weakness, tracked as CVE-2022-0609, as a use-after-free vulnerability in Chrome’s Animation component. This kind of flaw can lead to all sorts of misery, ranging from the corruption of valid data to the execution of arbitrary code on vulnerable systems. Such flaws can also be used to escape the browser’s security sandbox.

“Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild,” according to its security update.

Read more…
Source: ThreatPost