Security News > 2022 > March > Emergency Google Chrome update fixes zero-day used in attacks
Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high-severity zero-day bug exploited in the wild.
This update was available immediately when BleepingComputer checked for new updates by going into Chrome menu > Help > About Google Chrome.
Even though Google said it detected attacks exploiting this zero-day in the wild, the company did not share technical details or additional info regarding these incidents.
Google Chrome users should have enough time to upgrade Chrome and prevent exploitation attempts until the browser vendor releases more info.
With this update, Google addressed the second Chrome zero-day since the start of 2022, the other one patched last month.
The Google Threat Analysis Group revealed that North Korean-backed state hackers exploited the CVE-2022-0609 zero-day weeks before the February patch.
News URL
Related news
- New details reveal how hackers hijacked 35 Google Chrome extensions (source)
- Google Chrome is making it easier to share specific parts of long PDFs (source)
- Google fixes Android kernel zero-day exploited in attacks (source)
- Fake Google Chrome Sites Distribute ValleyRAT Malware via DLL Hijacking (source)
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- Ivanti warns of new Connect Secure flaw used in zero-day attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- Fortinet Warns of New Zero-Day Used in Attacks on Firewalls with Exposed Interfaces (source)
- Supply chain attack hits Chrome extensions, could expose millions (source)
- SonicWall SMA appliances exploited in zero-day attacks (CVE-2025-23006) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-05 | CVE-2022-0609 | Use After Free vulnerability in Google Chrome Use after free in Animation in Google Chrome prior to 98.0.4758.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |