Home / About / Threat Intelligence / Google Releases Emergency Chrome Patch

Overview

Google has released an update for Chrome to address 7 high severity vulnerabilities including one zero day (CVE-2022-0609) that has been seen being actively exploited in the wild.

Impact

A malicious website may be able to execute code on a host’s machine.

Vulnerability Detection

You can see which version of Chrome you are running in the About Chrome tab of the Settings page.
Navigate your browser to: `chrome://settings/help`
The most recent version as of 2022-02-15 is 98.0.4758.102.

Containment, Mitigations & Remediations

If you’re running an older version, then Chrome should update itself automatically on the next launch.
The About page can also be used to manually update and this requires a relaunch of the browser.

Other advice:

– Don’t use administrative accounts to browse the internet.
– Avoid clicking on suspicious links or browsing untrustworthy websites.
– Apply the Principle of Least Privilege to all systems and services.

Mitre Methodologies

T1189Drive-by Compromise

Further Information

Stable Channel Update for Desktop