Print this page
Monday, 28 March 2022 15:42

Google Releases 2nd Patch Now Advisory of 2022 as New Actively Exploited Zero-Day Shows Up.

Written by

Reading time is around minutes.

Google pushed out a n Out-of-band patch for Chrome due to a high-severity on Friday (March 25th, 2022). The patch was pushed out quickly as the vulnerability, tracked as CVE-2022-1096 is being actively exploited in the wild. CVE-2022-1096 is a type confusion vulnerability that exists in the JavaScript Engine used by Chrome and was reported to Google by an Anonymous researcher last week.

This marks the second 0-day found in Chrome that has been actively exploited in the wild. The first was a use after free vulnerability. A use after free vulnerability is one that affects the way objects are handled in memory and allows an attacker to potentially execute arbitrary code by abusing this (in very simple terms). A Type Confusion vulnerability is when a resource is accessed by an undefined or incompatible with what was originally intended or initialized. In this case it can read or write memory out of bounds for the buffer which can lead to a program crash and code execution.

Google has also announced that it is aware of active campaigns to North Korean nation-state groups that are already weaponizing the flaws to attack US targets in the news media, fintech, and even cryptocurrency verticals.
Google and has disclosed this as a patch now and are advising people to update to Chrome version 99.0.4844.84 for all operating systems to mitigate the risks associated with this new vulnerability. They also state that the flaw exists in all Chromium based browsers, so users of Edge, Opera and others are advised to update as soon as the patches are ready for those browsers.

Browser based attacks are very popular with attack groups as a single flaw potentially allows access to a wide swath of systems in play. We expect to see more of these show up with more actively exploited 0-days. It is just the new pattern. Companies are advised to ensure they have other security measures in place to help reduce the risks of any of these. This should include behavior based anti-malware, strong authentication, could service security monitoring, and potentially link and browser sandboxing or virtualization. There will never be a time when there are no vulnerabilities, so having the right proactive measures in place to reduce the impact when one is exploited is going to be the best thing to do.

Read 1174 times
Sean Kalinich

Latest from Sean Kalinich

Related items