Google has released Chrome 98.0.4758.102 for Windows, Mac and Linux with fixes for multiple vulnerabilities, to include one zero-day (CVE-2022-0609) exploited in the wild.
An attacker could exploit these vulnerabilities to take control of impacted systems.
The latest Chrome 98 (98.0.4758.102) security update patched 11 vulnerabilities in all, to include 7 High severity vulnerabilities (bold denotes zero-day), each discovered by external researchers:
- High CVE-2022-0603: Use after free in File Manager.
- High CVE-2022-0604: Heap buffer overflow in Tab Groups.
- High CVE-2022-0605: Use after free in Webstore API.
- High CVE-2022-0606: Use after free in ANGLE.
- High CVE-2022-0607: Use after free in GPU.
- High CVE-2022-0608: Integer overflow in Mojo.
- High CVE-2022-0609: Use after free in Animation.
Google confirmed reports of an exploit for CVE-2022-0609 exists in the wild.
In addition, Google also released a new version of Chrome 98 (98.0.4758.101) for Android.