Chrome Zero-Day (CVE-2022-0609) Patch NOW!

AppDefects — Mon, 09 Oct 2023 10:08:27 GMT

Google's Threat Analysis Group discovered that two distinct North Korean government-backed attacker groups are exploiting a remote code execution vulnerability in Chrome, CVE-2022-0609. These groups' activity has been publicly tracked as Operation Dream Job and Operation AppleJeus.This flaw is a high severity use-after-free vulnerability in the Animation component of Chrome. Not much else is currently known about the bug. A use-after-free (UAF) exploit refers to memory after it has been freed, which can cause a program to use unexpected values, corrupt valid data, crash, or execute code, according to MITRE.

Reference: Countering threats from North Korea

Re: Chrome Zero-Day (CVE-2022-0609) Patch NOW!

dcontesti — Mon, 28 Mar 2022 04:49:41 GMT

Great alert thanks.

Folks need to keep in mind that ALL Chromium based browsers affected - CHROME / EDGE / BRAVE / OPERA as well.

You should upgrade to versions (build) listed below:

Chrome: 99.0.4844.84
Brave: 99.0.4844.88
Edge: 99.0.1150.55
Opera: 85.0.4341.18

topic Re: Chrome Zero-Day (CVE-2022-0609) Patch NOW! in Threats

Chrome Zero-Day (CVE-2022-0609) Patch NOW!

Re: Chrome Zero-Day (CVE-2022-0609) Patch NOW!