Google has released a fix for a high-severity zero-day vulnerability in its Chrome browser, which it claims is being abused in the wild.
“Google is aware of reports that the CVE-2022-0609 vulnerability exists in the wild,” the company’s security advisory said. Google described the vulnerability as “free to use in animations,” but didn’t elaborate on what that meant or how extreme the risk was.
Abuse of flaws
The company said the flaws are being abused in the wild, but declined to share any details on how or by whom they were abused. It’s hard to say whether malware was developed to abuse the vulnerability, and whether it would be noticed by antivirus solutions.
Still, that should be enough to motivate most people to update their browsers right away.
Chrome version 98.0.4758.102 is now available for Windows, Mac, and Linux. To apply the patch, Chrome users can navigate to Chrome Menu > Help > About > Google Chrome, or they can wait for the browser to automatically update on the next restart.
“Access to bug details and links may be limited until most users update to fix it,” Google said. Google frequently patches and upgrades Chrome. Last month, it added new features to avoid the Y2K-style bug that broke many sites years ago. Google Chrome is currently in its 98th iteration and will reach the 100th version milestone sooner or later. If history is any indication, that may cause some sites to not display properly.
Google cautions that when Chrome first jumped from single-digit to double-digit versions (versions 9 to 10), it wasn’t suitable for some older sites. For version 100, it is designed not to repeat the same mistakes.
The current v98 also comes with additional tweaks and improvements, such as support for COLRv1 color gradient vector fonts, as an additional new font format. In the v98 beta, the company also introduced Origin Trials, a feature that allows users to test new features and provide feedback to the web standards community on usability, usability, and effectiveness.
>>>>>>>>>>>>Google battery